How Can DNS Flood Attack Be Differentiated From UDPmix Flood Attack?

Asked by AndreaBailey in Cyber Security, asked on Nov 18, 2022

What is the difference between a DNS flood attack and a UDP flood attack? Plus, do they only exhaust the network bandwidth, or do they also exhaust server-side assets such as CPU, memory, etc.?

Answered by Ankesh Kumar

A DNS flood attack is (or can be; you can do DNS over TCP as well) a more specific type of UDP flood attack, where DNS is used to generate large DNS answers to spoofed DNS queries. Other protocols, like NTP and SNMP, are other popular types of UDP-based flood attacks. All UDPmix attacks use some higher-level protocol to generate the actual data for the attack.


As with most DDoS attack types, the weakest link in the chain goes first. Often, this would be bandwidth, but if a server has enough bandwidth, it's very well possible that the server under attack would be overloaded in another way (CPU, memory, logs filling up disks, etc.).
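To make the distinction concrete from the victim's side, the following added example (not part of the original answer) labels a one-second window of UDP flow records by the higher-level protocol carrying most of the bytes. The record layout, the 500 packets-per-second threshold, the 50% byte-share cutoff and the label names are assumptions, and the sample records are constructed.

```python
from collections import defaultdict

# Well-known UDP service ports for the protocols named in the answer.
SERVICES = {53: "dns", 123: "ntp", 161: "snmp"}

# Constructed sample: (src_ip, src_port, dst_port, bytes) seen at the victim
# during one second. Addresses come from documentation ranges.
SAMPLE = (
    [("198.51.100.%d" % (i % 40), 53, 40000 + i, 1400) for i in range(600)]
    + [("203.0.113.%d" % (i % 5), 123, 41000 + i, 468) for i in range(50)]
    + [("203.0.113.77", 50000 + i, 9999, 64) for i in range(30)]
)

def service_of(src_port, dst_port):
    """Answers carry the service port as source, queries as destination."""
    if src_port in SERVICES:
        return SERVICES[src_port], "response"
    if dst_port in SERVICES:
        return SERVICES[dst_port], "query"
    return "other-udp", "n/a"

def summarize(records):
    """Aggregate packets, bytes and distinct senders per (service, direction)."""
    stats = defaultdict(lambda: {"packets": 0, "bytes": 0, "sources": set()})
    for src_ip, src_port, dst_port, size in records:
        s = stats[service_of(src_port, dst_port)]
        s["packets"] += 1
        s["bytes"] += size
        s["sources"].add(src_ip)
    return stats

def classify(records, window_s=1.0, pps_threshold=500):
    """Label the window by the service carrying most bytes (assumed thresholds)."""
    stats = summarize(records)
    total_pps = sum(s["packets"] for s in stats.values()) / window_s
    if total_pps < pps_threshold:
        return "no-flood", stats
    (service, direction), top = max(stats.items(), key=lambda kv: kv[1]["bytes"])
    share = top["bytes"] / sum(s["bytes"] for s in stats.values())
    if share < 0.5:
        return "mixed-udp-flood", stats
    return "%s-%s-flood" % (service, direction), stats

if __name__ == "__main__":
    label, stats = classify(SAMPLE)
    print(label)
    for key, s in sorted(stats.items()):
        print(key, s["packets"], s["bytes"], len(s["sources"]))
```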

