Denial of service attacks a worry, says VeriSign


Denial of service attacks a worry, says VeriSign

VeriSign has warned of potential chaos caused by new dangerous types of distributed denial of service (DDoS) attacks.

The company believes that up to 1,500 organisations worldwide have already been attacked this year via botnets and Domain Name System (DNS) servers used to swamp networks with floods of data.

Normally, such denial of service attacks involve thousands of compromised zombie systems sending data or requests for data to targeted servers or networks, making them inaccessible for legitimate use.

However, in the latest cases, attackers sent spoofed domain name requests from botnets to DNS servers, which processed the requests and then sent replies to the spoofed victims.
This so-called ‘amplifier attack’ takes advantage of misconfigured DNS servers to reflect the attack onto a target, amplifying the volume of packets and the volume of data by several orders of magnitude.

It may be that some of the well meant original engineering behind the internet is adding to users’ problems. Some 80% of the installed DNS servers worldwide have enabled ‘recursion’ and process domain name requests for addresses that belong to another domain.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy