DNS problem linked to DDoS attacks gets worse

DNS problem linked to DDoS attacks gets worse
DNS problem linked to DDoS attacks gets worse 

By Robert McMillan
IDG News Service
November 13, 2009

Internet security experts say that misconfigured DSL and cable modems 
are worsening a well-known problem with the Internet's DNS (domain name 
system), making it easier for hackers to launch distributed 
denial-of-service (DDoS) attacks against their victims.

According to research set to be released in the next few days, part of 
the problem is blamed on the growing number of consumer devices on the 
Internet that are configured to accept DNS queries from anywhere, what 
networking experts call an "open recursive" or "open resolver" system. 
As more consumers demand broadband Internet, service providers are 
rolling out modems configured this way to their customers said Cricket 
Liu, vice president of architecture with Infoblox, the DNS appliance 
company that sponsored the research. "The two leading culprits we found 
were Telefonica and France Telecom," he said.

In fact, the percentage of DNS systems on the Internet that are 
configured this way has jumped from around 50% in 2007, to nearly 80% 
this year, according to Liu.

Though he hasn't seen the Infoblox data, Georgia Tech Researcher David 
Dagon agreed that open recursive systems are on the rise, in part 
because of "the increase in home network appliances that allow multiple 
computers on the Internet."


Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 

Site design & layout copyright © 1986-2015 CodeGods