[ISN] DNS problem linked to DDoS attacks gets worse
InfoSec News
alerts at infosecnews.org
Mon Nov 16 05:10:53 CST 2009
http://www.computerworld.com/s/article/9140839/DNS_problem_linked_to_DDoS_attacks_gets_worse?taxonomyId=17
By Robert McMillan
IDG News Service
November 13, 2009
Internet security experts say that misconfigured DSL and cable modems
are worsening a well-known problem with the Internet's DNS (domain name
system), making it easier for hackers to launch distributed
denial-of-service (DDoS) attacks against their victims.
According to research set to be released in the next few days, part of
the problem is blamed on the growing number of consumer devices on the
Internet that are configured to accept DNS queries from anywhere, what
networking experts call an "open recursive" or "open resolver" system.
As more consumers demand broadband Internet, service providers are
rolling out modems configured this way to their customers said Cricket
Liu, vice president of architecture with Infoblox, the DNS appliance
company that sponsored the research. "The two leading culprits we found
were Telefonica and France Telecom," he said.
In fact, the percentage of DNS systems on the Internet that are
configured this way has jumped from around 50% in 2007, to nearly 80%
this year, according to Liu.
Though he hasn't seen the Infoblox data, Georgia Tech Researcher David
Dagon agreed that open recursive systems are on the rise, in part
because of "the increase in home network appliances that allow multiple
computers on the Internet."
[...]
More information about the ISN
mailing list