Forum Discussion
Xperiens
Jan 16, 2024 - Copper Contributor
DNS Attack - DNS Policy problems with disabling forward for External Clients
Situation: I have a few DNS servers with a real IP and a single interface (Windows Server 2022). Problem: for 25 days I have been receiving 20-30 000 sessions per second to my DNS servers to resolve all imag...
Xperiens
Jan 17, 2024 - Copper Contributor
Finally, I solved the problem at the firewall level by correctly setting up the DNS Filter with a Static Domains List and with a command line that teaches the firewall to provide NO ANSWER if the request is for domains other than those in the Static Domain List. The default value of the command line was "Redirect", which means that the firewall resolves the query with an nslookup done on its own behalf and does not provide the actual reply from the DNS server. Now when external users perform, for example, nslookup http://www.microsoft.com, they get an error in return and only locally hosted domains are resolved.
I still have no solution for this particular case for Microsoft DNS Policy. Maybe some day Microsoft DNS Policy will grow up and become a "MAN" 🙂
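A check that could be run from an external host to confirm the behaviour described in the reply above: hosted zones are answered, every other name gets an error or no reply. This is an added example, not part of the original posts; `hosted.example`, the header-only sample replies and all function names are constructed assumptions.

```python
import socket
import struct

RCODES = {0: "noerror-empty", 2: "servfail", 3: "nxdomain", 5: "refused"}

def build_query(name, qid=0x1234):
    """Encode an A/IN query with the recursion-desired (RD) bit set."""
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split("."))
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def query_udp(server, name, timeout=3.0):
    """Send one query over UDP/53; return the raw reply, or None on timeout."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        try:
            return s.recvfrom(4096)[0]
        except socket.timeout:
            return None

def classify(raw):
    """Reduce a reply to what an external client observes."""
    if raw is None:
        return "timeout"
    if len(raw) < 12:
        return "malformed"
    _id, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", raw[:12])
    if not flags & 0x8000:          # QR bit clear: not a response
        return "malformed"
    rcode = flags & 0x000F
    if rcode == 0 and ancount > 0:  # AA bit separates hosted data from recursion
        return "authoritative-answer" if flags & 0x0400 else "recursive-answer"
    return RCODES.get(rcode, "rcode-%d" % rcode)

def violations(results):
    """results: {name: (hosted, raw_reply)} -> [(name, verdict)] breaking the policy."""
    bad = []
    for name, (hosted, raw) in results.items():
        verdict = classify(raw)
        leaked = verdict in ("recursive-answer", "authoritative-answer")
        if (hosted and verdict != "authoritative-answer") or (not hosted and leaked):
            bad.append((name, verdict))
    return bad

def _hdr(flags, ancount):  # constructed header-only reply, enough for classify()
    return struct.pack("!HHHHHH", 0x1234, flags, 1, ancount, 0, 0)

# Constructed samples: the server recursing for outsiders, then the filtered state.
BEFORE = {"hosted.example": (True, _hdr(0x8500, 1)), "www.microsoft.com": (False, _hdr(0x8180, 1))}
AFTER = {"hosted.example": (True, _hdr(0x8500, 1)), "www.microsoft.com": (False, None)}
```

For a live check, build the `results` dictionary with `query_udp(server, name)` from a host outside the network; an empty list from `violations` means external clients only get answers for hosted zones.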