CloudFlare writes about closing open DNS resolvers. Open DNS resolvers are one of the sources of the biggest DDoS attacks.
Closing the open DNS resolvers #
This has been a rough week in the security industry with big attacks and compromises reported at companies from Facebook to Apple. We’re therefore happy to end the week with some good news: the web’s open resolvers, one of the sources of the biggest DDoS attacks, are getting closed.
The problem stems from misconfigured DNS resolver software (e.g., BIND) that is setup to respond to a query from any IP address. Since DNS requests typically are sent over UDP, which, unlike TCP, does not require a handshake, an attacker can spoof a victim’s IP address as the source address in a packet and a misconfigured DNS resolver will happily bombard the victim with responses.
Read the full article on CloudFlare’s blog:
Please Support Saotn.org
Each post on Sysadmins of the North takes a significant amount of time to research, write, and edit. Therefore, your donation helps a lot! For example, a donation of $3 U.S. buys me a cup of coffee, and as you know: things jsut work better with coffee. A $10 U.S. donation buys me one month of web hosting (yes, hosting costs money). But seriously, thank you for any amount. Much appreciated!
Please donate to support this site if you found a post interesting or if it helped you solve a problem. Thanks! (Tip: no Paypal account required)