DDoS mitigation for Windows Server 2008 R2

1149935 pts.
Tags:
DDOS
PCI compliance
PCI DSS
Windows Server 2008 R2
We are doing our PCI compliance scans and our Windows Server 2008 R2 was hit by a Nessus Plugin ID. Should I be worried? It has DDoS in the title so that scares me. Here's what it says:
Plugin ID: 35450 Name: DNS Server Spoofed Request Amplification DDoS Synopsis: The remote DNS server could be used in a distributed denial of service attack. Plugin Output: The DNS query was 17 bytes long, the answer is 449 bytes long.
What should I do here?
0

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Kevin Beaver
    I've seen similar findings before. You can typically mitigate this issue by only allowing DNS requests to originate from trusted sources - assuming that's possible in your configuration.
    27,520 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: