Detecting DNS flood attacks

Web applications are prone to several threats and attacks, and DNS flood attacks are one of the most extreme ways of blocking clients from sending the requests to the servers. DNS flood attacks prevent user access the web applications by flooding the application server with invalid requests that prevent the actual client requests from reaching the web servers. Advanced Analytics displays DNS flood attacks, alerting you to take preventive measures to overcome them.

To view the DNS Flood attacks:

  1. Navigate to ApplicationsApp Security Dashboard, and select the bubble plotted on the DNS Flood graph.

  2. In the Instance, select the Citrix ADC instance.

  3. In the App Security investigator section, select the error bubble plotted for DNS Flood Attack on the graph.

    localized image

  4. The DNS Attack section displays details such as the total DNS queries and the negative DNS queries on the graph, along with the total memory usage.

    localized image