Massive dDoS from AWS

Lukas · November 9, 2023, 10:04am

At the moment we are facing a massive DoS from AWS against the authoritative DNS Servers from Greenbone. The attacker is flooding us with bogus dictionary queries like:

datareset-portland.greenbone.net
datareset-raytheon.greenbone.net
datasheet-raytheon.greenbone.net
datos-15gitlab.greenbone.net
datos-akamairelay.greenbone.net
datos-apolloodoo-staging.greenbone.net
datos-apolloodoo.greenbone.net
datos-asimfoot.greenbone.net
datos-bocchi.greenbone.net
datos-cartelera.greenbone.net
datos-cfg-gitlab.greenbone.net
datos-comcast.greenbone.net
datos-futebol-ao-vivo.greenbone.net

As long AWS is not acting we will drop ALL direct DNS querys from AWS Networks flooding us with this bogus requests against our authoritative DNS Servers.

DeeAnn · November 9, 2023, 11:37am

Some additional info: if you are using the default DNS in AWS you may be affected by this and something to try is using a different DNS.

Lukas · November 10, 2023, 10:32am

Our Sysadmin team together with external experts managed to migrate the DNS to a distributed secure and highly redundant service.

So there should be no longer any issues with DNS.