Security News > 2020 > May > DNS this week stands for Drowning Needed Services: Design flaw in name server system can be exploited to flood machines offline
Dubbed NXNSAttack, the flaw [PDF] can be abused to pull off a classic amplification attack: you send a small amount of specially crafted data to a DNS server, which responds by sending a lot of data to a victim's server.
The recursive server contacts your DNS server for your dot.com for that information.
Your name server tells the recursive server it needs to look up another.
So the recursive server - key word recursive - connects to the DNS server for victim.com and asks for the records on all those sub-domains, and the victim.com DNS server replies with error messages for the non-existent sub-domains.
"An attacker who successfully exploited this vulnerability could cause the DNS Server service to become non-responsive."
News URL
https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/05/21/nxnaattack_bug_disclosed/