6. Types of DNS Attack (Active)
Attack Type: Denial of Service Attacks
Description: Attacks aimed at disrupting the normal functioning of a DNS server, making it unavailable to users.
Individual Techniques:
● DNS Amplification
● DNS Flood
● NXDOMAIN Attack

Attack Type: Cache Poisoning Attacks 🤢
Description: Attacks involving the corruption of DNS cache data to redirect users to fraudulent sites.
Individual Techniques:
● DNS Spoofing/Cache Poisoning

Attack Type: Hijacking Attacks ✈
Description: Attacks that redirect DNS queries to malicious DNS servers or websites.
Individual Techniques:
● DNS Hijacking

Attack Type: Data Exfiltration Attacks
Description: Attacks that use DNS queries and responses to smuggle data out of a network.
Individual Techniques:
● DNS Tunneling

Attack Type: Resource Consumption 🖥
Description: Attacks designed to consume the resources of DNS servers, slowing down their performance.
Individual Techniques:
● Phantom Domain Attack
● Random Subdomain Attack

14. Implications of DNS Attacks
Security Implication: Service Disruption
Attack Type:
● DoS
● Amplification
Attack Name:
● DNS DDoS
● DNS Amplification
● NXDOMAIN
● Phantom Domain
● Random Subdomain

Security Implication: Security Breach
Attack Type:
● Spoofing
● Tunneling
Attack Name:
● DNS Hijacking
● DNS Spoofing
● DNS Cache Poisoning
● DNS Tunneling

15. Mitigation / Advanced DNS Defence
01 Security Audits / Firewall Configuration
● Regular checks and monitoring for unusual DNS activities.
● Restricts DNS traffic to trusted resolvers; blocks unusual patterns.
02 DNSSEC
● Ensures DNS data integrity and authenticity.
03 DoH / DoT
● Encrypts DNS queries and responses.
04 ODoH
● Separates IP addresses from queries for enhanced privacy.
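
One way to implement the "monitoring for unusual DNS activities" mitigation, as an added example that is not part of the original slides: it scans resolver log records for the Random Subdomain/NXDOMAIN and DNS Tunneling patterns listed on slide 6. The record format, thresholds, helper names and sample log are constructed assumptions.

```python
import base64, hashlib, math
from collections import Counter, defaultdict

def entropy(label):
    """Shannon entropy of a label in bits per character."""
    counts = Counter(label)
    return -sum(c / len(label) * math.log2(c / len(label)) for c in counts.values())

def base_domain(qname):
    # Assumption: the last two labels are the registered domain
    # (a production version would consult the Public Suffix List).
    return ".".join(qname.rstrip(".").lower().split(".")[-2:])

def analyse(records, min_unique=20, nx_ratio=0.8, min_len=40, min_entropy=3.5, min_long=3):
    """Return {(client, domain): finding}. Thresholds are illustrative assumptions."""
    stats = defaultdict(lambda: {"names": set(), "total": 0, "nx": 0, "long": 0})
    for client, qname, rcode in records:
        s = stats[(client, base_domain(qname))]
        s["names"].add(qname.lower())
        s["total"] += 1
        s["nx"] += rcode == "NXDOMAIN"
        first = qname.split(".")[0]  # leftmost label is where encoded data would sit
        s["long"] += len(first) >= min_len and entropy(first) >= min_entropy
    findings = {}
    for key, s in stats.items():
        # Many distinct names that mostly fail to resolve: resolver resource exhaustion.
        if len(s["names"]) >= min_unique and s["nx"] / s["total"] >= nx_ratio:
            findings[key] = "random-subdomain/NXDOMAIN pattern"
        # Repeated long, high-entropy labels under one domain: data carried in queries.
        elif s["long"] >= min_long:
            findings[key] = "possible DNS tunneling"
    return findings

def _payload(i):
    # Constructed stand-in for encoded data: base32 of a hash (52 chars, lowercase).
    return base64.b32encode(hashlib.sha256(str(i).encode()).digest()).decode().rstrip("=").lower()

# Constructed sample log of (client_ip, query_name, rcode); not real traffic.
SAMPLE_LOG = (
    [("10.0.0.5", "www.example.com", "NOERROR"), ("10.0.0.5", "mail.example.com", "NOERROR")]
    + [("10.0.0.9", f"r{i:05d}.example.net", "NXDOMAIN") for i in range(30)]
    + [("10.0.0.7", f"{_payload(i)}.t.example.org", "NOERROR") for i in range(5)]
)

if __name__ == "__main__":
    for (client, domain), why in analyse(SAMPLE_LOG).items():
        print(client, domain, why)
```

A flagged client/domain pair is a lead for the firewall item in the same mitigation: restrict that client to trusted resolvers and review the traffic before blocking.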