Precautionary measures to prevent this attack would include writing firewall rules. Of these firewall rules, which among the following would be appropriate?
A.
Disallow UDP 53 in from outside to DNS server
B.
Allow UDP 53 in from DNS server to outside
C.
Disallow TCP 53 in form secondaries or ISP server to DNS server
You only want your or your ISP’s outside DNS to be able to contact your inside DNS. All other traffic should be directed against the outside DNS.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit