DNS flood protection platform for a network
First Claim
1. A non-transitory, machine-readable storage medium having machine-executable instructions stored thereon, which when executed by at least one processor, causes the at least one processor to perform one or more actions to enable a domain name resolution, comprising:
- receiving a request to resolve a domain name;
- if a first condition is valid;
  - in response to the request, sending an alias domain name;
  - receiving another request, wherein the other request is to resolve the alias domain name; and
  - if the other request is valid based in part on evaluating an address associated with a source of the request to resolve the domain name that is embedded within the alias domain name with another address associated with a source of the other request, providing a resolution response to the alias domain name using a resolution of the domain name; and
- if the first condition is invalid, providing a response associated with the domain name.
Abstract
Embodiments are directed towards providing protection to DNS servers against DNS flood attacks by causing a requesting device to perform multiple DNS lookup requests for resolving a resource record. A request from a network device for a resolution of a domain name may be received by a device interposed between the requesting network device and a DNS server. Upon receiving the request to resolve the domain name, the interposed device may respond with a CNAME that includes a cookie. The requesting device may then send another request that includes the CNAME preceded by the cookie. The interposed device may then validate the cookie returned in the CNAME and, if it is valid, forward the domain name resolution request on to a DNS server. The response may then be forwarded to the requesting device.
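The cookie exchange described in the abstract, as an added sketch that is not code from the patent or its assignee. The HMAC-SHA256 cookie, the "ck-" label prefix, the 30-second window and the under_attack flag standing in for the "first condition" are all assumptions made for illustration.

```python
import hashlib
import hmac
import time

SECRET = b"constructed-demo-key"  # assumption: per-device secret, rotated in practice
WINDOW = 30                       # assumption: cookie lifetime bucket, in seconds
PREFIX = "ck-"                    # assumption: marks the cookie label in an alias


def _cookie(src_ip, qname, bucket):
    """Keyed MAC binding the cookie to requester address, name and time bucket."""
    msg = f"{src_ip}|{qname.lower().rstrip('.')}|{bucket}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:32]


def make_alias(src_ip, qname, now=None):
    """First request: build the CNAME target '<cookie label>.<original name>'."""
    bucket = int((time.time() if now is None else now) // WINDOW)
    return f"{PREFIX}{_cookie(src_ip, qname, bucket)}.{qname.rstrip('.')}"


def validate_alias(src_ip, alias, now=None):
    """Second request: return the original name if the cookie fits this source."""
    label, _, qname = alias.rstrip(".").partition(".")
    label = label.lower()  # DNS names are case-insensitive; resolvers may mix case
    if not label.startswith(PREFIX) or not qname:
        return None
    bucket = int((time.time() if now is None else now) // WINDOW)
    for b in (bucket, bucket - 1):  # accept the current and the previous bucket
        expected = PREFIX + _cookie(src_ip, qname, b)
        if hmac.compare_digest(label.encode(), expected.encode()):
            return qname
    return None


def handle_query(src_ip, qname, under_attack, now=None):
    """Decision taken by the interposed device for one incoming query."""
    if not under_attack:                      # first condition invalid: answer normally
        return ("FORWARD", qname)
    if qname.lower().startswith(PREFIX):      # second request carrying a cookie
        original = validate_alias(src_ip, qname, now)
        return ("FORWARD", original) if original else ("DROP", None)
    return ("CNAME", make_alias(src_ip, qname, now))  # first request: hand out alias
```

A spoofed source never receives the CNAME, so it cannot present a cookie that verifies against the address it claims; only requesters that complete the second lookup from the same address reach the DNS server.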
13 Claims
6. A method of managing a request for a domain name resolution over a network, comprising:
- receiving a first query request to resolve a domain name;
- mapping the domain name to an alias domain name;
- responding to the first query request with the alias domain name;
- receiving a second query request to resolve the alias domain name; and
- if the second query request is valid based in part on evaluating an address associated with the first query request that is embedded within the alias domain name with another address associated with a source of the second query request, providing a resolution response for the alias domain name based on a resolution of the domain name.
10. A system for managing a request for a domain name resolution, comprising:
- a domain name system (DNS) server that is configured to enable resolution of a domain name; and
- a network device that is interposed between a requestor and the DNS server, and is configured to perform actions, including;
  - receiving a request to resolve a domain name;
  - in response to the request, providing an alias domain name;
  - receiving a request to resolve the alias domain name; and
  - if the request to resolve the alias domain name is valid based in part on evaluating an address of a source sending the request to resolve the domain name that is embedded within the alias domain name with another address associated with a source of the request to resolve the alias domain name;
    - sending the domain name to the DNS server for resolution;
    - receiving a response for the domain name; and
    - responding to the request to resolve the alias domain name by providing the response to the domain name for the alias domain name.
Specification