Check DNS Server for Security against Amplification Attacks

Please Note:

The text on this page was translated by translation software. A revised version from our editors will be available soon.

For server-products with administration rights

This is how you find out whether third parties could use or misuse your server for a DNS amplification attack.

You can find out whether the current setting is incorrect by having your server resolve a host name. If the resolution succeeds, you should adjust your server configuration. If the name resolution fails, you do not have to do anything else.

Please note: For the test to be meaningful, it must not take place on the server itself. Instead, use a computer with a regular Internet connection (DSL, cable, etc.) - for example your home PC.

Checking under Windows

On Windows operating systems, please proceed as follows:

Step 1

Press the Windows key + R.

Step 2

Type cmd and press Enter.

step 3

Enter the command nslookup www.ionos.com [IP address of your root server] and confirm your entry with Enter.

An example:

nslookup www.ionos.com 123.123.12.123 
Step 4

Now get an output similar to

NoNon-authoritative answer:
Name: www.ionos.com
Address: 212.227.17.105

this means that your server responds to the request and is vulnerable to amplification attacks. In such a case you should adjust your DNS configuration as described under this link.

Step 5

If the output is similar to

*** Unknown can't find www.ionos.com: Query refused

or only one (or more) timeout(s) are reported to you, you do not have to do anything else.

Testing under Linux or Mac OS

Step 1

Open a terminal (console).

Step 2

Enter the command host www.ionos.com [IP address of your root server], for example

host www.ionos.com 123.123.12.123 
step 3

Get an output similar to

>www.ionos.com has address 212.227.17.105

this means that your server responds to the request and is vulnerable to amplification attacks. In such a case you should adjust your DNS configuration as described under this link.

Step 4

However, get an output similar to

Host www.ionos.com not found: 5(REFUSED) 

you don't have to do anything else, because your DNS refuses to answer the request.


Did this article help you?

Your feedback helps us to further improve our services. To leave feedback, log in to your IONOS account by clicking on the login button at the top right. You can then submit a rating below the article.