EveryDNS Slammed by Two DDoS Attacks on DNS

Worst outage in five years - 100,000 clients without service

December 2006 - EveryDNS was slammed by a powerful Distributed Denial of Service (DDoS) attack. For almost 24 hours, the Domain Name Service (DNS) servers had problems in resolving legitimate requests coming from clients and visitors. The first DDoS strike knocked EveryDNS offline along with almost 100,000 of its clients. The DNS servers also crashed a few times.

The company worked hard to boost security and filter out the attacking Internet Protocol (IP) addresses. It is generally very hard to separate legitimate DNS traffic from bogus DNS traffic in the case of a DDoS attack. To avoid blocking legitimate DNS users, EveryDNS used Deep Packet Inspection (DPI) capabilities.

To counter DDoS attacks, many companies prefer to increase bandwidth so that users can use their services, and this is what EveryDNS did in addition to the DPI. In parallel with the increased bandwidth, IP filtering and egress filtering eventually stopped the DDoS attack. The hacker flooded EveryDNS with up to 400Mbps traffic at each of its four locations but within a few hours the website and the company's clients came back online.

The December DDoS attack on EveryDNS caused the worst outage in five years. It appears that UltraDNS took the hit for some websites that used free DNS services from them. EveryDNS had no fault in the DDoS attack but suffered its consequences. The targeted domains, apparently nefarious, were terminated.

Source: DNForum.com

About Secure64 Software Corporation
Secure64® is a software developer providing highly secure DNS and server applications with built-in denial-of-service protection features to help ensure your Internet-dependent business is always accessible. Based on the genuinely secure SourceT® microOS, Secure64 DNS remains highly available during network attacks and is immune to compromise from rootkits and malware.

DNS Security News Index