Does anyone know if Symantec Endpoint Protection RU5 has some protection for this attack?
Thanks.
https://www.us-cert.gov/ncas/alerts/TA14-017A
Assuming you're running the IPS/fw component then yes there should be protectiona available.Unsure on a signature name for the IPS though but you can drop the traffic at the firewall as well.
Hello,
The link provided is quite old - Original release date: January 17, 2014 | Last revised: March 07, 2014
Here are the articles below which answers all your questions -
http://www.securityweek.com/symantec-observed-spike-dns-amplification-attacks
http://www.scmagazine.com/distributed-denial-of-service-attacks-are-increasing-in-power/article/379299/
Hope that helps!!