New Tool Shields Organizations From NXDOMAIN Attacks

13-Apr-24

Attacks against the Domain Name System (DNS) are numerous and varied, so organizations have to rely on layers of protective measures, such as traffic monitoring, threat intelligence, and advanced network firewalls, to act in concert. With NXDOMAIN attacks on the rise, organizations need to strengthen their DNS defenses.


n an NXDOMAIN attack — also known as a DNS Water Torture DDoS attack — adversaries overwhelm the DNS server with a large volume of requests for nonexistent (hence the NX prefix) or invalid domains and subdomains. The DNS proxy server uses up most, if not all, of its resources querying the DNS authoritative server, to the point where the server no longer has the capacity to handle any requests, legitimate or bogus.


NXDOMAIN has been a common attack vector for many years, and is becoming a bigger problem, says Jim Gilbert, Akamai’s director of product management. Akamai observed 40% of overall DNS queries for its top 50 financial services customers contained NXDOMAIN records last year.

Read More…