Hello everyone, I'm currently a final-year Master's student at the Free University of Brussels. As part of my Master's thesis, I have to implement a DNS amplification scenario within a Cyber Range. However, before achieving this final goal, I first need to make amplification rate measurements within a virtual machine system. I therefore have a few questions about the DNS protocol and DNS servers.
* Why do some DNS servers respond via TCP to an ANY query made under UDP? I have read in RFC 8482 that modern DNS servers try to limit responses to ANY queries in order to limit the impact of their use in DNS amplification attacks, but I would like to learn more about the security measures/best practices currently in place for this type of query and for big TXT responses. Does anyone have any sources or other RFCs that might be useful?
* Would you have any advice/recommendations or sources on the legal framework to be respected for my Master's thesis, so that I can carry out my various measures without being illegal or alerting certain entities?
* Would you have some articles and research or others about the DNS protocol, DNS protocol security or good research practices for DNS amplification attacks?

Thank you in advance for your help. I remain at your disposal should you have any questions.