Botnet Attacks EveryDNS

Thousands of Business Affected by Battle Between Miscreants

On December 1st, 2006, EveryDNS was pounded by a malicious botnet attack targeting some "nefarious domains" that were quickly terminated from the service. EveryDNS offers free domain name management to over 100,000 clients worldwide. Miscreants attacking each other on the Internet brought down the DNS service for many legitimate businesses.

The attack completely stopped service for about an hour and required another 6 hours to solve all of the associated problems that appeared. At the peak of the DDoS attack, the company was receiving more than 400mb of traffic per second at all four DNS locations. The hackers targeted port 53, the DNS port, giving security experts quite the battle. This DDoS attack was the largest that EveryDNS had seen in five years.

EveryDNS was able to set up some packet filters and also expand its capacity to stop the attack. By using high-level traffic filtering and other protection methods for DNS servers, EveryDNS shortly managed to provide full service to its customers again. The attack continued for several days before ending.

Botnets, or computer systems controlled by a hacker, were used to wage this attack against a few websites that were receiving domain name management services from EveryDNS. In spite of the fact that only a few small sites were targeted, thousands of others were harmed by this single act.

Source: Security Watch

About Secure64 Software Corporation
Secure64® is a software developer providing highly secure DNS and server applications with built-in denial-of-service protection features to help ensure your Internet-dependent business is always accessible. Based on the genuinely secure SourceT® microOS, Secure64 DNS remains highly available during network attacks and is immune to compromise from rootkits and malware.

DNS Security News Index