Mainstream Media: Researchers Warn of DNS Recursion Attacks

["Fergie" <fergdawg () netzero net>]

Via Yahoo! News.

[snip]

First detected late last year, the new attacks direct such massive amounts of spurious data against victim computers 
that even flagship technology companies could not cope. In one of the early cases examined, the unknown assailant 
apparently seized control of an Internet name server in South Africa and deliberately corrupted its contents.

Experts traced at least 1,500 attacks that briefly shut down commercial Web sites, large Internet providers and leading 
Internet infrastructure companies during a period of weeks. The attacks were so targeted that most Internet users did 
not notice widespread effects.

Ken Silva, the chief security officer for VeriSign Inc., compared the scale of attacks to the damage caused in October 
2002 when nine of the 13 computer "root" servers that manage global Internet traffic were crippled by a powerful 
electronic attack. VeriSign operates two of the 13 root server computers, but its machines were unaffected.

"This is significantly larger than what we saw in 2002, by an order of magnitude," Silva said.

[snip]

More here:
http://news.yahoo.com/s/ap/20060316/ap_on_hi_te/internet_attack

And here:
http://www.us-cert.gov/reading_room/DNS-recursion121605.pdf

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.