Logo

DOSarrest Vulnerability Testing and Optimization
Navigation
  • Home
  • non gamstop casino

Attackers could abuse DNSSEC-secured domains for DDoS attacks: report

on August 18, 2016 |
DDoS DDoS Attack Specialist DDoS Attacks DDoS Protection Specialist Defend Against DDoS Denial of Service Attack

A majority or 80% of DNSSEC-secured domains could be used to amplify distributed denial of service (DDoS) attacks, at an average factor of 28.9 times, according to a recent report by Neustar which studied nearly 1,350 domains with DNSSEC deployed.

The report points out that the domains had not properly deployed DNSSEC-signing of their domains, leaving them vulnerable to DDoS attacks.

“Neustar has correctly pointed out the additional amplification factor related to misconfigured DNSSEC vs. legacy DNS, where the inclusion of the digital signature allows for a somewhat higher than a normal DNS amplification attack,” says Corero Network Security COO Dave Larson, in a statement.

“However, the point that must be stressed related to this or any other DDoS amplification vectors is that operators of any network – whether they include DNS service or not – should have their networks configured not to respond to spoofed IP requests.  In addition, DNS operators should configure their DNS servers not to respond to ‘ANY’ requests in order to squelch the opportunity for the server to be leveraged for malicious use.”

Larson adds that on the flip side, the impact to the receiving end of the attack can be especially problematic. The fragmented and amplified attack technique, utilizing DNS or DNSSEC can cause outages, downtime and potential security implications for Internet Service Providers if they are relying on out-of-band DDoS protection mechanisms. Furthermore, organizations relying on traditional IT and security infrastructure such as firewalls and load balancing equipment are no match for these attacks.

“A comprehensive in-line and automatic mitigation method for removing DDoS attacks is the recommended approach for dealing with all types of DDoS attacks - DNS and beyond,” noted Larson.

Source: http://www.networksasia.net/article/attackers-could-abuse-dnssec-secured-domains-ddos-attacks-report.1471485281

Share this story:
  • tweet

Recent Posts

  • Link11 Discovers Record Number of DDoS Attacks in First Half of 2021

    July 15, 2021 - 0 Comment
  • A New Wave of DDoS Extortion Campaigns by Fancy Lazarus

    June 16, 2021 - 0 Comment
  • ‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts

    June 12, 2021 - 0 Comment
Comments are closed.

Keep updated with the latest DDoS Attacks

RSSSubscribe
  • Home
  • Latest News
  • Contact
  • Sitemap
  • Non Gamstop Casinos
  • Casinos Not Affected By Gamstop
  • Casino Sites Not On Gamstop
  • Casino Not On Gamstop
  • Foods Of England
  • Casnio Not On Gamstop
© Copyright 2013. All Rights Reserved. Web Development by: 6folds Marketing