CloudFlare writes about closing open DNS resolvers. Open DNS resolvers are one of the sources of the biggest DDoS attacks.

Closing the open DNS resolvers

This has been a rough week in the security industry with big attacks and compromises reported at companies from Facebook to Apple. We’re therefore happy to end the week with some good news: the web’s open resolvers, one of the sources of the biggest DDoS attacks, are getting closed.

[…]

The problem stems from misconfigured DNS resolver software (e.g., BIND) that is set up to respond to a query from any IP address. Since DNS requests typically are sent over UDP, which, unlike TCP, does not require a handshake, an attacker can spoof a victim’s IP address as the source address in a packet and a misconfigured DNS resolver will happily bombard the victim with responses.

Read the full article on CloudFlare’s blog:
http://blog.cloudflare.com/good-news-open-dns-resolvers-are-getting-clos
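
As an added example (not from CloudFlare's article or from this blog): a small Python check that sends a recursive query to a resolver you operate and reads the reply header to tell whether recursion was offered to an arbitrary client. The function names, the sample packets and the query name example.com are assumptions made for the illustration.

```python
import socket
import struct

# Constructed sample replies (12-byte DNS headers only), not captured traffic.
OPEN_REPLY = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)     # QR+RD+RA, NOERROR, 1 answer
REFUSED_REPLY = struct.pack("!HHHHHH", 0x1234, 0x8105, 1, 0, 0, 0)  # QR+RD, REFUSED


def build_query(name, txid=0x1234):
    """Build a DNS A/IN query with the RD (recursion desired) bit set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)


def classify_response(packet):
    """Classify a reply to a query for a name the server is not authoritative for."""
    if len(packet) < 12:
        return "malformed"
    _txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if not flags & 0x8000:          # QR bit clear: this is not a response
        return "malformed"
    rcode = flags & 0x000F
    recursion_available = bool(flags & 0x0080)
    if rcode == 5 or not recursion_available:
        return "closed"             # REFUSED, or recursion not offered to this client
    if rcode == 0 and ancount > 0:
        return "open"               # recursed and answered for an arbitrary client
    return "inconclusive"           # RA set but no answer (e.g. SERVFAIL)


def check_resolver(server, name="example.com", timeout=3.0):
    """Query your own resolver from an address outside its intended client range."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name), (server, 53))
        try:
            data, _addr = sock.recvfrom(4096)
        except socket.timeout:
            return "no response"
    return classify_response(data)
```

A result of "open" from an outside address means recursion should be restricted to your own clients in the resolver configuration (in BIND, the `allow-recursion` option).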

Categories: Security

Jan Reilink

My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, WordPress, websites & optimization. Want to support me and donate? Use this link: https://paypal.me/jreilink.
