Large Volume Of DNS Any Queries

Description

This search identifies attempts to abuse your DNS infrastructure for DDoS purposes via a DNS amplification attack that leverages ANY queries.


Use Case

Application Security

Category

Denial of Service

SPL Difficulty

None

Journey

Stage 3

MITRE ATT&CK Tactics

Impact

MITRE ATT&CK Techniques

Network Denial of Service

Reflection Amplification

Kill Chain Phases

Actions On Objectives

Data Sources

DNS

Help

To successfully implement this search you must ensure that DNS data is populating the Network_Resolution data model.
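
The logic this detection describes, as an added Python sketch rather than the product's own search: count ANY-type DNS queries per DNS server per time window and alert when the count exceeds a threshold. The field names `src`, `dest`, `message_type` and `record_type` mirror the DNS fields of the Network_Resolution data model; the log-line format, the 5-minute window, the 200-query threshold and all sample data are assumptions constructed for this example.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone

WINDOW_SECONDS = 300  # assumed bucket size
THRESHOLD = 200       # assumed ANY queries per server per window; tune to your baseline

def parse(line):
    """Parse a constructed 'ISO-time key=value ...' log line into a dict."""
    ts, *pairs = line.split()
    event = dict(p.split("=", 1) for p in pairs)
    event["epoch"] = datetime.fromisoformat(ts).timestamp()
    return event

def find_any_floods(lines, threshold=THRESHOLD, window=WINDOW_SECONDS):
    """Return one alert per (DNS server, window) with more than `threshold` ANY queries."""
    buckets = defaultdict(Counter)  # (dest, window_start) -> queries per src
    for event in map(parse, lines):
        if (event.get("message_type", "").upper() != "QUERY"
                or event.get("record_type", "").upper() != "ANY"):
            continue  # only ANY-type queries matter; responses and other types are ignored
        start = int(event["epoch"] // window) * window
        buckets[(event["dest"], start)][event["src"]] += 1
    alerts = []
    for (dest, start), sources in sorted(buckets.items()):
        total = sum(sources.values())
        if total > threshold:
            # In a reflection attack src is spoofed: it points at the victim, not the sender.
            top_src, top_count = sources.most_common(1)[0]
            alerts.append({"dest": dest, "window_start": start, "any_queries": total,
                           "distinct_src": len(sources), "top_src": top_src,
                           "top_src_queries": top_count})
    return alerts

def sample_log():
    """Constructed sample: one server flooded with ANY queries plus background traffic."""
    t0 = datetime(2024, 5, 1, 12, 0, 0, tzinfo=timezone.utc)
    def line(i, src, dest, rtype):
        ts = (t0 + timedelta(seconds=i)).isoformat()
        return f"{ts} src={src} dest={dest} message_type=QUERY record_type={rtype}"
    lines = [line(i, "198.51.100.7", "192.0.2.53", "ANY") for i in range(250)]   # flood
    lines += [line(i, f"203.0.113.{i}", "192.0.2.53", "A") for i in range(50)]   # normal lookups
    lines += [line(i, "203.0.113.9", "192.0.2.54", "ANY") for i in range(5)]     # under threshold
    return lines

if __name__ == "__main__":
    for alert in find_any_floods(sample_log()):
        print(alert)
```

Grouping by `dest` keeps the alert tied to the resolver being abused, while `top_src` shows which address is receiving the amplified responses.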
