freedns.afraid.org DNS Security Overcome by DDoS Attack

DDoS DNS attack lasted several days, numerous clients impacted

August 4, 2006 - freedns.afraid.org, a free Domain Name Service (DNS) provider with clients worldwide, came under heavy fire. It was hit hard by Distributed Denial of Service (DDoS) attacks. The targeted DNS servers were brought down, causing outages that affected many clients. The DDoS DNS attack lasted for several days.

Freedns.afraid.org had one DNS server on a protected network and one DNS server on an unprotected network. It also had four IPs running NS servers, with two NS IPs on each DNS server. Apparently this was not enough to withstand the DDoS attack.

In response to the DDoS attack, the Web master moved the authoritative DNS server to a different IP address. The company's clients experienced frequent outages due to caching and propagation delays until nameservers all over the world had updated their stale caches.

Because freedns.afraid.org was a free service, it did not have the financial means to hire anti-DDoS security companies. Instead, the Web master proposed to expand the network by adding one backend database and Web server, four separate DNS slaves on protected networks, and 16 IPs per DNS slave (each running 16 DNS server instances).

In a DDoS attack, a hacker usually uses a botnet, a network of enslaved computers placed under the hacker's control. The botnet receives remote commands and executes them. In a successful DDoS attack, all the enslaved computers send huge numbers of requests to the targeted company's DNS servers, flooding the DNS servers with data. All these requests look legitimate, so the DNS security measures are useless.

Source: Search IRC

