Security parameters tightening on F5 DNS level
Hi Experts,
Could you please confirm if all the below points are achievable and kindly share the configuration article. Thanks.
All unknown queries should be rejected/dropped. | This is often called black-holing requests so that queries for non-existent subdomains get dropped, a null response, or redirected to a sinkhole IP. |
All queries with an excessive number of subdomains should be rejected/dropped. | This is another method to reduce impact from queries for non-existent subdomains. |
All queries with randomized case should be rejected/dropped. | While subdomains, domains, TLDs are not case sensitive, we recommend accepting only queries that are all lower case, all upper case, or first letter upper case with the rest lower case. This will prevent wasting resources on randomized case queries that are not generated by humans. |
Block source upon reaching certain threshold for rejected/dropped unknown queries | All sources reaching a certain threshold of rejected/dropped unknown queries should be blocked for a specific time interval that increases with each new block. |
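
An added example, not part of the original post and not F5 configuration: a Python reference model of the four rules in the table, which can be used to test the intended policy against sample queries before it is implemented on the DNS tier. The label limit, threshold, base interval, the doubling of the block interval, the per-label case check, and the names `QueryPolicy` and `case_ok` are assumptions.

```python
import time

MAX_LABELS = 5           # assumed limit on labels per query name
BLOCK_THRESHOLD = 3      # assumed number of unknown-name drops before a block
BASE_BLOCK_SECONDS = 60  # assumed first block interval; doubles on each new block

def case_ok(label):
    """Accept all lower, all upper, or first letter upper with the rest lower."""
    return (label == label.lower() or label == label.upper()
            or (label[:1].isupper() and label[1:] == label[1:].lower()))

class QueryPolicy:
    def __init__(self, known_names):
        self.known = {n.lower().rstrip(".") for n in known_names}
        self.unknown_drops = {}  # source -> unknown-name drops since last block
        self.blocks = {}         # source -> (blocked_until, times_blocked)

    def check(self, source, qname, now=None):
        """Return 'answer', 'blocked', or 'drop:<reason>' for one query."""
        now = time.time() if now is None else now
        until, times = self.blocks.get(source, (0, 0))
        if now < until:
            return "blocked"
        name = qname.rstrip(".")
        labels = name.split(".")
        if len(labels) > MAX_LABELS:
            return "drop:too-many-labels"
        if not all(case_ok(label) for label in labels):
            return "drop:random-case"
        if name.lower() in self.known:
            return "answer"
        # Unknown name: count it, and block the source once the threshold is hit.
        count = self.unknown_drops.get(source, 0) + 1
        if count >= BLOCK_THRESHOLD:
            interval = BASE_BLOCK_SECONDS * 2 ** times  # grows with each new block
            self.blocks[source] = (now + interval, times + 1)
            count = 0
        self.unknown_drops[source] = count
        return "drop:unknown-name"

if __name__ == "__main__":
    policy = QueryPolicy(["www.example.com"])  # constructed zone content
    src = "198.51.100.7"                       # constructed source address
    for q in ["www.example.com", "wWw.eXaMpLe.cOm", "a.b.c.d.www.example.com",
              "x1.example.com", "x2.example.com", "x3.example.com",
              "www.example.com"]:
        print(q, "->", policy.check(src, q, now=0))
```

Some recursive resolvers deliberately randomize query-name case (DNS 0x20 encoding), so the case rule can drop legitimate resolver traffic and should be evaluated against real query logs first.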