CloudFlare writes about closing open DNS resolvers. Open DNS resolvers are one of the sources of the biggest DDoS attacks.
This has been a rough week in the security industry with big attacks and compromises reported at companies from Facebook to Apple. We’re therefore happy to end the week with some good news: the web’s open resolvers, one of the sources of the biggest DDoS attacks, are getting closed.[…]
The problem stems from misconfigured DNS resolver software (e.g., BIND) that is setup to respond to a query from any IP address. Since DNS requests typically are sent over UDP, which, unlike TCP, does not require a handshake, an attacker can spoof a victim’s IP address as the source address in a packet and a misconfigured DNS resolver will happily bombard the victim with responses.
Read the full article on CloudFlare’s blog:
If you want to step in to help me cover the costs for running this website, that would be awesome. Just use this link to donate a cup of coffee ($5 USD for example). And please share the love and help others make use of this website. Thank you very much!
My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, websites & optimization.
How to: Protect WordPress from brute-force XML-RPC attacks
Joomla! websites abused as open proxy for Denial-of-Service attacks
SSDP amplified reflective DDoS attacks
WordPress 3.9.2 Security Release fixes XML-RPC DoS
Mod_evasive on IIS
Huge increase in WordPress xmlrpc.php POST requests