Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term DNS Amplification

Training Camp • Cybersecurity Glossary

What is DNS Amplification?

DNS amplification is a reflection DDoS that abuses open resolvers to flood a spoofed victim with oversized responses, multiplying attack traffic.

Glossary > Threats, Malware & Attacks > DNS Amplification

Understanding DNS Amplification

DNS amplification is a reflection-based distributed denial-of-service attack in which an attacker sends small DNS queries with a spoofed source address to open resolvers, which then send much larger responses to the victim. This amplification multiplies attack traffic many times over, overwhelming the target's bandwidth. Mitigations include disabling open recursion, implementing source-address validation (BCP 38), rate limiting, and using DDoS protection services.

Learn More About DNS Amplification:

Ready to Get Certified?

Turn knowledge into credentials with our instructor-led cybersecurity boot camps.

View All Courses →