DNS Attack: Possible Botnet Sales Pitch

DNS Attack: Possible Botnet Sales Pitch
Dark Reading’s report on the ICANN fact sheet regarding last month’s denial of service attack also largely quotes from the fact sheet. Dark Reading quotes David Ulevitch, CEO of OpenDNS and EveryDNS who says “They mentioned that it might be someone trying to show the ‘strength’ of their botnet-for-hire,’ Ulevitch says. ‘Not a test-run for a larger attack against the roots [themselves], but a way for an attacker to show the disruptive potential of their botnet to someone who might purchase it from them to cause harm against other less fortified victims.’ Ulevitch also “says another attack on the DNS root servers is likely, but it shouldn’t ‘destabilize’ DNS root operations.” Dark Reading concludes wondering “whether the recommendations for thwarting future DNS infrastructure attacks will fall on deaf ears”. “‘Getting ISPs to implement source filtering and turning of open-recursive lookups has been an ongoing battle for many years — and one with only limited success,’ says Craig Labovitz, director of engineering at Arbor Networks. ‘And while reflective attacks provide an easy way for zombies to attack [and] multiply firepower, it is not clear reflection played a significant role in the most recent attacks.'” Further, “Labovitz says he agrees with the ICANN report that massively replicating servers and anycast is the best plan for now.”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.