September 18, 2019

DNSSEC Can Encourage DDoS

The report has an interesting take on DNSSEC. It notes that, "The growing adoption of DNSSEC suggests that DNS Amplification will continue to pose a significant threat to service provider and enterprise networks alike. Long overdue, the deployment of DNSSEC as the ultimate patch for fixing DNS cache poisoning is finally gaining widespread acceptance. The downside is the exceptionally long responses DNSSEC-enabled servers generate. The long DNS responses include records containing cryptographic keys and/or signatures. When a domain is upgraded to support DNSSEC, it returns traditional records as well as DNS records. As a result, the sizes of DNSSEC-enabled DNS responses significantly exceed those of traditional responses."
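A defender's view of the size gap described above, as an added example that is not part of the original article or the report: it totals query and response bytes per client address in an authoritative server's query log and flags addresses that receive mostly key-bearing or signature-bearing answers at a high response-to-query ratio, which is how a spoofed reflection victim appears in the log. The log records, byte sizes, function names and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample of authoritative-server query log records (not real traffic):
# (client_ip, qname, qtype, query_bytes, response_bytes)
SAMPLE_LOG = [
    ("192.0.2.10", "example.com", "A", 40, 56),
    ("192.0.2.10", "www.example.com", "AAAA", 44, 72),
    ("198.51.100.7", "example.com", "DNSKEY", 51, 1450),
    ("198.51.100.7", "example.com", "ANY", 51, 3100),
    ("198.51.100.7", "example.com", "DNSKEY", 51, 1450),
    ("198.51.100.7", "example.com", "ANY", 51, 3100),
    ("203.0.113.5", "example.com", "DNSKEY", 51, 1450),
    ("203.0.113.5", "mail.example.com", "A", 45, 61),
]

# Query types whose answers carry keys or signatures, or return every record set.
LARGE_TYPES = {"DNSKEY", "RRSIG", "ANY"}


def summarize(log):
    """Aggregate bytes in/out and large-type query counts per client address."""
    stats = defaultdict(lambda: {"queries": 0, "q_bytes": 0, "r_bytes": 0, "large": 0})
    for client, _qname, qtype, q_bytes, r_bytes in log:
        s = stats[client]
        s["queries"] += 1
        s["q_bytes"] += q_bytes
        s["r_bytes"] += r_bytes
        s["large"] += qtype in LARGE_TYPES
    return stats


def flag_reflection_targets(log, min_queries=3, min_factor=10.0, min_large_share=0.8):
    """Return {client: amplification_factor} for likely reflection victims.

    With spoofed sources, the logged "client" is the address receiving the
    oversized answers, so a flagged entry identifies the target, not the sender.
    """
    flagged = {}
    for client, s in summarize(log).items():
        factor = s["r_bytes"] / s["q_bytes"]        # bandwidth amplification factor
        large_share = s["large"] / s["queries"]     # share of key/signature/ANY queries
        if s["queries"] >= min_queries and factor >= min_factor and large_share >= min_large_share:
            flagged[client] = round(factor, 1)
    return flagged


if __name__ == "__main__":
    for client, factor in flag_reflection_targets(SAMPLE_LOG).items():
        print(f"{client}: responses are {factor}x the size of queries")
```

Flagged addresses are candidates for response rate limiting on the server; the thresholds need tuning against a baseline of legitimate validating resolvers, which also request DNSKEY records.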

