Preventing DDOS aplification open resolver attack

DDOS Attack  by open DNS resolver:

Open dns resolver provides name resolution to any network outside your network. This means any one can use your
server to resolve the host name and also use it to attack other server by spoofing as your server. This in return
consume your server bandwidth and also cpu + memory resources making your server slow or even result to crash.
(settings suggested below is for BIND server)

Disable open recursive requests:

If we dont need open recursive on our system then we can completly disable it by following method.

vi /etc/named.conf
recursion no; // turn off recursion
allow-transfer {none;};
allow-query-cache {none;};

after modifing the named.conf file DNS server must be restarted.

service named restart

If we need to enable dns recursion then we can specify the ips, so that only these ips can do recursions.

acl ourips {; // change ip as required
options {
allow-recursion {ourips;};
allow-query{any;}; // for web servers
recursion yes;

after midifing the named.conf restart the bind server

service named restart

To check whether recursion is turn off run the following command:

host <your name server>
and result will be 
Host not found

If you are getting too much request to your named server, you will get big log file with entry of dined request. This
will slow down the server, so to disable failed request to be written to the log
add “category security {null;}; to named file.

vi /etc/named.conf
logging {
category security {null;};
channel default_debug {

Was this answer helpful?

 Print this Article

Also Read

How to install Linux Maldet Anti Sheller

This guide will walk you through installing LMD (Linux Malware Detect) on your VPS/Dedicated...

Prevent DDoS by using mod_evasive

“mod_evasive” is an evasive maneuvers module for Apache to provide evasive action in...

How to Secure WHM/cPanel

Login to WHM using root username/passwdhttp://serverip:2086 or http://serverip/whm WHM –...

How to install mod_security on Apache 2.x

What is mod_security or modsecurity? ModSecurity is an open source intrusion detection and...

How to disable ping request?

If you are looking for the  steps to disable ping. Please find the steps below. Run the...