Best DNS Server solution against attack?

Our actual provider DNS server is beeing attacked.

Is there any provider who could always respond to DNS request and is above all these DNS Attacks?  Or at least have a failover server?   1&1 keep getting hit, GoDaddy is not above that too.   DynDNS?

We don't want to switch all domain names to another place and to end up with the same problem in a few weeks/months.  We also don't have the knowledge to have our own DNS server and manage it properly.

Thank you
LVL 10
Christian de BellefeuilleProgrammerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ugo MenaCommented:
Take a look at Open DNS. They offer both a FREE and PAID Premium version of DNS.

"OpenDNS is the largest and most reliable recursive DNS service available providing a better Internet experience to more than 50 million Internet users around the world."

"OpenDNS provides a cloud-delivered network security service that delivers automated protection against advanced attacks for any device, anywhere."

http://www.opendns.com/
0
footechCommented:
From what I've heard DynDNS is pretty good.  Ourselves, we went with UltraDNS after Network Solutions had some issues.
0
Christian de BellefeuilleProgrammerAuthor Commented:
@ultralites:  OpenDNS is not what you think it is, or you misunderstood my question.  I need a DNS Authoritative, not a Recursive DNS.  Here's a Link explaining the difference.  I know OpenDNS because it's commonly used with DD-WRT Firmwares.

@Footech: DynDNS look pretty safe as you say.  Last outage was in 2011 for 22 minutes, and that was on their Standard DNS Nameservers.   But their Managed DNS was never affected.  We might switch very soon.   6 hours later, the DNS Attack is still in progress and nothing is really done on 1&1 side.  At this moment it's not really a huge problem, but 4 hours ago, it was in our server usage peak and our call center have been flooded.
0
Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

Ugo MenaCommented:
I understand the difference and don't use them myself. Without managing your own internal DNS it limits your choices somewhat.

Why aren't you using your ISP or a more distributed registrar for DNS?

by attack do you mean a distrib. denial of service or something else?
0
Christian de BellefeuilleProgrammerAuthor Commented:
Our ISP iis not any better than 1&1 for attacks and way more expensive.   "More distributed registrar for DNS"... well, that was the goal of my question.   But OpenDNS is not a registrar... they simply offer a service that will help me to resolve domain names.  I could setup an OpenDNS account in DD-WRT to have more control on the content that can be seen (some kind of parental control, but on DNS Server side), but it still doesn't allow me to set my A & SRV Records.

By attack... difficult to say exactly what kind of attack.  The purpose of this question was to find one provider with almost 100% uptime.  Actually, their service is down since 7 hours and the attack is still in progress.  Here is their Status Page.
0
Ugo MenaCommented:
There really isn't a provider with 100% uptime. However I would bet on one with the most DNS server points of presence (POPs).

Akamai and Cloudflare would be a narrow firsts :

http://www.akamai.com/html/solutions/fast-dns.html
https://www.cloudflare.com/dns
followed very closely by Google: https://cloud.google.com/dns/

Amazon's Route 53, Ultra DNS and dynDNS are also worth mentioning and have many customers.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ugo MenaCommented:
Cloudscores has a great report on DNS server performance here:

http://cloudscores.org/reports/editions/state-of-the-cloud-dns/basic/state-of-the-cloud-dns-0914.pdf

Worth noting that a few of the Alexa rated Top Sites have switched to Cloudflare or AWS Route 53 for this service
0
Christian de BellefeuilleProgrammerAuthor Commented:
Sorry for the long delay.  We have started moving our stuff somewhere else.  Sadly, someone on our team suggested GoDaddy, but i think it's not any safer than 1&1.

CloudFlare look ok to me.  I don't know how it would react with our service because they look pretty much like caching everything, but our domains are not used to host web site, but live screen sharing so i don't know how it would act.   I'll dig a little on this side to see how it react.
0
Christian de BellefeuilleProgrammerAuthor Commented:
I just want to add that I've got a call from Akamai after downloading a DDOS Attack Report for Q3 2014.  

Their starting price is 5000$ Per month.

Way beyond my budget :)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DNS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.