

Porn Site Feud Spawns New DNS Attack - timf
http://www.csoonline.com/article/print/479169

======
sam_in_nyc
Very clever type of DDOS attack, this "DNS Amplification."

Hackers' computers ping DNS servers with a small packet, like 17 bytes, and
through spoofing, and some sort of Foobar protocol or glitch in the DNS
server, get it to send a 500-byte packet to the victim of their choice. The
result is the computers the hackers control produce 25x the amount of traffic
on the victim as they are sending out, and the traffic to the victim appears
to be coming from legit DNS servers!

~~~
timf
The 2k attacker machines --> 750k DNS server ratio is scary. There's a
configuration that makes this possibility go away... it's just not set by anyone
apparently.

(see [https://www.dns-oarc.net/oarc/articles/upward-referrals-cons...](https://www.dns-oarc.net/oarc/articles/upward-referrals-considered-harmful) )
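
As an added example (not part of the thread or the linked article): a check a DNS operator could run over a query log to spot the pattern described above, using the 17-byte query and 500-byte response sizes from the first comment. It assumes the small query is a root NS question, which is 17 bytes on the wire; the log tuple format, function names and sample records are constructed for illustration.

```python
import struct
from collections import defaultdict

QTYPE_NS = 2

def parse_question(msg):
    """Return (qname, qtype) for the first question of a DNS query."""
    if len(msg) < 12 or struct.unpack("!H", msg[4:6])[0] < 1:
        raise ValueError("no DNS header or empty question section")
    labels, pos = [], 12
    while True:
        if pos >= len(msg):
            raise ValueError("truncated name")
        n = msg[pos]
        pos += 1
        if n == 0:                      # root label ends the name
            break
        if n > 63 or pos + n > len(msg):
            raise ValueError("bad label length")
        labels.append(msg[pos:pos + n].decode("ascii", "replace"))
        pos += n
    if pos + 4 > len(msg):
        raise ValueError("truncated question")
    qtype, _qclass = struct.unpack("!HH", msg[pos:pos + 4])
    return ".".join(labels) + ".", qtype

def likely_reflection_targets(log, min_queries=3, min_ratio=10.0):
    """Map source address -> amplification ratio for repeated root NS queries.
    Sources are spoofed, so a flagged "client" is the probable victim."""
    stats = defaultdict(lambda: [0, 0, 0])   # queries, bytes in, bytes out
    for src, query, resp_len in log:
        try:
            qname, qtype = parse_question(query)
        except ValueError:
            continue                    # ignore malformed packets
        if qname == "." and qtype == QTYPE_NS:
            s = stats[src]
            s[0], s[1], s[2] = s[0] + 1, s[1] + len(query), s[2] + resp_len
    return {src: round(out / inn, 1) for src, (n, inn, out) in stats.items()
            if n >= min_queries and out / inn >= min_ratio}

# Constructed sample data (documentation address ranges, made-up sizes).
HEADER = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0)
ROOT_NS = HEADER + b"\x00" + struct.pack("!HH", QTYPE_NS, 1)     # 17 bytes
EXAMPLE_A = HEADER + b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
SAMPLE_LOG = [("192.0.2.10", ROOT_NS, 500)] * 4 + [
    ("198.51.100.7", EXAMPLE_A, 45), ("198.51.100.7", ROOT_NS, 500)]
```

Calling `likely_reflection_targets(SAMPLE_LOG)` flags only `192.0.2.10`; the address that sent a single root NS query alongside an ordinary lookup stays below the query threshold.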

