New DoS attack a real killer

VeriSign warns

By Nick Farrell

Fri Mar 17 2006, 08:13

A NEW type of Denial of Service (DoS) attack has been spotted by the outfit which administers in the Internet.

VeriSign's chief of security Ken Silva said that the attacks seemed to have been tested in late December and January. However, they have not been seen since. This could mean that either the hackers were caught, or they are using the threat of the killer attacks to blackmail companies.

During the two months, 1,500 separate Internet Protocol addresses were attacked using this method and were bigger than anything Verisign has ever seen, Silva said.

Unlike normal DoS attacks, where a network of bots mounts an attack on a single server, the new attacks involve sending queries to DNS (domain name system) servers with the return address pointed at the targeted victim.

This results in the DNS server making the direct attack and it is a lot harder to stop.

With an old style attack, it was possible to stop a bot-delivered DOS attack by blocking the bot's IP address. However, it is a lot harder to block a DNS server without tiggering the company's operation.

More at ZD Net. µ

Google web search BHSEO campaigns are still a threat 9/11 search results poisoning attack spotted Tuesday, 13 September 2011, 12:20 PM Read more	Diginotar hacker threatens SSL attacks in US, Europe and Israel Vows to hack into internet service providers Thursday, 8 September 2011, 15:04 PM Read more
Verisign obeys court orders for domain takedowns Accepts the new ICE age Thursday, 7 July 2011, 13:51 PM Read more	The rise, fall and legacy of the hacker group Lulzsec How it all started and where it all went wrong Monday, 4 July 2011, 15:53 PM Read more
Indestructible TDSS botnet is spotted Kaspersky Anti-Virus calls the botnet the most sophisticated around Thursday, 30 June 2011, 16:25 PM Read more	Verisign deploys DNSSEC on .com TLD Plugs DNS security hole Friday, 1 April 2011, 16:50 PM Read more

Comments

There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.

INQ White papers

Databases

Network management

Security

Service oriented architecture

Storage

INQ Jobs

Junior Website Developer -

Junior Website Developer - ...

INQ Poll

Authorities in several countries raided Megaupload recently, shut down all of its services, seized hundreds of servers and arrested several of its executives on criminal charges.

Do you think the move was justified?

Yes, companies should suffer an immediate death penalty upon being accused of copyright infringement.

Yes, the coppers said the company was breaking the law so it must be guilty.

No, the company and the people accused are innocent until proven guilty.

No, the company had millions of customers who have been harmed by having access to their data files cut off.

I don't care, I never used Megaupload anyway.

View other polls

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Salary Calculator

Search for a job:

Recruitment Agency A-Z Directory

Accreditations:

Digital Publisher of the Year 2010

New DoS attack a real killer

Share this:

RIM Playbook OS 2.0 and Blackberry 7.1 video demo

Nokia Lumia 710 video review