The Domain Name System (DNS) is a database that stores internet domain names and further translates them into IP addresses. A DNS reflection/amplification distributed denial-of-service (DDoS ) attack is a common two-step DDoS attack in which the attacker manipulates open DNS servers. The cybercriminal first uses a spoofed IP address to send massive requests to DNS servers. The DNS server then replies to the request, creating an attack on the target victim. The size of these attacks is larger than the spoofed request, resulting in large amounts of traffic going to the victim server. The attack often results in complete inaccessibility of data for a company or organization.

Reflection/Amplification DDoS Attack