New denial-of-service threat using DNS servers

By Derek Sooman on March 19, 2006, 4:07 AM
A new type of denial-of-service attack is gaining popularity which employs an alarming new tactic. Instead of armies of bots directly inundating a victim's server with a multitude of queries, this new attack instead sends queries to DNS (domain name system) servers with the return address pointed at the targeted victim. The DNS server then makes the direct attack on the victim. This is a much stronger attack, and is a lot more difficult to stop.

While it is possible to stop a bot-delivered DOS attack by blocking the bot's IP address, blocking queries from DNS servers would prove more difficult, Ken Silva, VeriSign's chief security officer, said. He noted that companies could reconfigure their DNS servers to prevent the so-called recursive name service feature, as a possible solution. But he added that companies may be loath to prevent potential customers, partners, researchers and others from sending queries to their DNS.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.