DNS Open Resolver Attacks

DNS Open Resolver Attacks for Cisco CyOps Associate

**DNS cache poisoning attacks**

Threat actors send spoofed, falsified record resource (RR) information to a DNS resolver to redirect users from legitimate sites to malicious sites. It can also be used to inform the DNS resolver to use a malicious name server that is providing RR information for malicious activities.

**DNS amplification and reflection attacks**

Threat actors use DoS or DDoS attacks on DNS open resolvers to increase the volume of attacks and to hide the true source of an attack. Threat actors send DNS messages to the open resolvers using the IP address of a target host. These attacks are possible because the open resolver will respond to queries from anyone asking a question.

**DNS resource utilization attacks**

A DoS attack that consumes the resources of the DNS open resolvers. This DoS attack consumes all the available resources to negatively affect the operations of the DNS open resolver. The impact of this DoS attack may require the DNS open resolver to be rebooted or services to be stopped and restarted.

answer

Type answer