VeriSign has warned of potential chaos caused by new dangerous types of distributed denial of service (DDoS) a...
The company believes that up to 1,500 organisations worldwide have already been attacked this year via botnets and Domain Name System (DNS) servers used to swamp networks with floods of data.
Normally, such denial of service attacks involve thousands of compromised zombie systems sending data or requests for data to targeted servers or networks, making them inaccessible for legitimate use.
However, in the latest cases, attackers sent spoofed domain name requests from botnets to DNS servers, which processed the requests and then sent replies to the spoofed victims.
This so-called ‘amplifier attack’ takes advantage of misconfigured DNS servers to reflect the attack onto a target, amplifying the volume of packets and the volume of data by several orders of magnitude.
It may be that some of the well meant original engineering behind the internet is adding to users’ problems. Some 80% of the installed DNS servers worldwide have enabled ‘recursion’ and process domain name requests for addresses that belong to another domain.