Attack on our public DNS-server

Verfasst am: 25. June 2013 von: Net-Spacy

Today we received many different little DDoS attacks which targeted our public DNS infrastructure.

Through this, several TB traffics were created from approximately 8am-11pm – on average about 50 MBit/s bandwidth which were caused by the enquiries on our DNS server.

Because we also use these DNS servers for our onsite-service clients we were not able to simply disconnect this service. This led to a slightly extended timeframe to fend off these attacks with IP blocks.

Meanwhile we have been able to block nearly all offender IP addresses, mainly from China, and hope to have peace in our systems again.

Since most of our onsite-service-clients go online via a VPN tunnel or own a fixed IPv4 address through their internet provider, we will limit everything in the next few days to single IPs which turns our “public” DNS indirectly into a “non-public” DNS.