Denial of service attacks have been around since the Internet was commercialized. Today’s attacks are often
motivated by money, services on the Internet will disrupt anything for a small fee. Over the past year DNS has
been highlighted as a vector in DDoS attacks. In fact, the 300Gbps attack on Spamhaus misused DNS servers.
DNS based DDoS is usually referred to as an “amplification” attack because it depends on small DNS queries
(~50 bytes) that create responses of thousands of bytes. Although DNS servers are not usually the target of
these attacks, they severely stress infrastructure so attention from operation teams is required.