• Solution finder
    • Help & contact
    • Spring Offers
      %
    • Solution finder
    Home Web Security

    Check DNS Server for Security against Amplification Attacks

    Please Note:

    The text on this page was translated by translation software. A revised version from our editors will be available soon.

    For server-products with administration rights

    This is how you find out whether third parties could use or misuse your server for a DNS amplification attack.

    You can find out whether the current setting is incorrect by having your server resolve a host name. If the resolution succeeds, you should adjust your server configuration. If the name resolution fails, you do not have to do anything else.

    Please note: For the test to be meaningful, it must not take place on the server itself. Instead, use a computer with a regular Internet connection (DSL, cable, etc.) - for example your home PC.

    Checking under Windows

    On Windows operating systems, please proceed as follows:

    Step 1

    Press the Windows key + R.

    Step 2

    Type cmd and press Enter.

    step 3

    Enter the command nslookup www.ionos.com [IP address of your root server] and confirm your entry with Enter.

    An example:

    nslookup www.ionos.com 123.123.12.123
    bash
    Step 4

    Now get an output similar to

    NoNon-authoritative answer:
Name: www.ionos.com
Address: 212.227.17.105
    bash

    this means that your server responds to the request and is vulnerable to amplification attacks. In such a case you should adjust your DNS configuration as described under this link.

    Step 5

    If the output is similar to

    *** Unknown can't find www.ionos.com: Query refused
    bash

    or only one (or more) timeout(s) are reported to you, you do not have to do anything else.

    Testing under Linux or Mac OS

    Step 1

    Open a terminal (console).

    Step 2

    Enter the command host www.ionos.com [IP address of your root server], for example

    host www.ionos.com 123.123.12.123
    bash
    step 3

    Get an output similar to

    >www.ionos.com has address 212.227.17.105
    bash

    this means that your server responds to the request and is vulnerable to amplification attacks. In such a case you should adjust your DNS configuration as described under this link.

    Step 4

    However, get an output similar to

    Host www.ionos.com not found: 5(REFUSED)
    bash

    you don't have to do anything else, because your DNS refuses to answer the request.

    Content