jerick70 - Slashdot User

Submission + - Open DNS Resolvers Center Stage in Massive DDoS Attacks (threatpost.com)

Submitted by msm1267 on Thursday March 28, 2013 @02:37PM

msm1267 writes: While the big traffic numbers and the spat between Spamhaus and illicit webhost Cyberbunker are grabbing big headlines, the underlying and percolating issue at play here has to do with the open DNS resolvers being used to DDoS the spam-fighters from Switzerland. Open resolvers do not authenticate a packet-sender’s IP address before a DNS reply is sent back. Therefore, an attacker that is able to spoof a victim’s IP address can have a DNS request bombard the victim with a 100-to-1 ratio of traffic coming back to them versus what was requested. DNS amplification attacks such as these have been used lately by hacktivists, extortionists and blacklisted webhosts to great success.

Comment Tech Savvy Kids these days (Score 1) 646

by jerick70 on Friday June 22, 2012 @11:07AM (#40411757) Attached to: Ask Slashdot: Good Low Cost Free Software For Protecting Kids Online?

I have dealt with this issue with quite a few of my friends and colleagues. No matter what you do or say in a parenting manner, these kids are going to get on the net and look at what they want. Without a "tool" to enforce the rules, you are pretty much dead in the water. Kids these days are so tech savvy that you have to use a sledge hammer where a ball-peen would have worked a few years ago. You use a program on the computer and they find a way to uninstall it or bypass it. You try a DNS service and they use Tor to bypass it. The only thing that I have found that works "MOST" of the time is a security gateway like Astaro or Untangle. And then you have to lock the modem and gateway in a closet so they can't get to it. These are both free for home use and work very well.

Slashdot Top Deals