ðòïåëôù 


  áòèé÷ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

  óôáôøé 


  ðåòóïîáìøîïå 


  ðòïçòáííù 



ðéûéôå
ðéóøíá














     áòèé÷ :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: DNS Amplification Attacks



> -----Original Message-----
> From: Gadi Evron [mailto:ge@xxxxxxxxxxxx] 
> Sent: Saturday, March 18, 2006 1:00 AM
> To: bugtraq@xxxxxxxxxxxxxxxxx
> Cc: full-disclosure@xxxxxxxxxxxxxxxxx
> Subject: DNS Amplification Attacks
> 
> In this paper we address in detail how the recent DNS DDoS 
> attacks work.
> How they abuse name servers, EDNS, the recursive feature and 
> UDP packet 
> spoofing, as well as how the amplification effect works.
> 
> Our study is based on packet captures (we provide with 
> samples) and logs 
> from attacks on different networks reported to have a volume 
> of 2.8Gbps. 
> One of these networks indicated some attacks have reached as high as 
> 10Gbps and used as many as 140,000 exploited name servers.
> 
> In the conclusions we also discuss some remediation suggestions.
> 
> Given recent events, we have been encouraged to make this 
> text available 
> at this time.
> 
> URL: http://www.isotf.org/news/DNS-Amplification-Attacks.pdf
> 
> Please note that this version of this paper is prior to 
> submission for 
> publication and that the final version may see significant revisions.
> 
> Thanks,
> 
> Randy Vaughn and Gadi Evron.
> 



 




Copyright © Lexa Software, 1996-2009.