|
Another DDOS slipped by almost unnoticed (thanks Arnt). A report in Datanews (http://datanews.rnews.be/nl/ict/nieuws/nieuwsoverzicht/2011/04/04/botnet-viseert-belgie/article-1194984299269.htm# in Dutch) mentions that the .be domain was under attack last Sunday. Requests were being made of the servers relating to MX records for other domains. The .be name servers do not look after this information and correctly responded. However the end result was that two out of the 8 servers were overloaded. Even should the other servers be overloaded the TLD is anycast hosted and another 41 or so servers could jump into action. Hence the attack went largely unnoticed by the public. Mark H |
Mark 392 Posts ISC Handler Apr 5th 2011 |
| Thread locked Subscribe |
Apr 5th 2011 1 decade ago |
|
This is a wrong article and the result of publishing before the facts are known. The facts are that a botnet was badly configured and so searched for wrong addresses over and over again. This has been established by CERT.be and FCCU.be and was published a bit later. http://datanews.rnews.be/nl/ict/aanval-op-be-was-mislukte-spamactie/article-1194985579030.htm
also the dns infrastructure itself was never totally hampered. But it shows that ddos protection is now one of the priorities for every critital infrastructure and webservice. |
Anonymous |
| Quote |
Apr 11th 2011 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
