DNS vulnerabilities not to be underestimated beware of DDoS attacks

After a short time of quiet, hackers are beginning to itch. Not long ago, the world-renowned hacker arrangement Anonymous (anonymous) revealed that in March 31, the DNS domain name root server proposed large-scale DDoS attacks, so that the global internet falling paralyzed; LulzSec said it would recommend targeted assault on April 1. In fact, March 31, the world's internet users have spent a quiet day, because some of the mainstream microblogging sites in China to choose to close the day to talk about the function, so the internet is even more quiet than ever. As a security professional, Radware security Vice President Carl Herberger no matter how the hacker's irresponsible blackmail laugh, although he did not think that the threat of global interconnection can achieve the intention, but he thought Anonymous, LulzSec and more hacking arrangements will not stop their attacks, seemingly quiet under the surface may be anchao surging.

Even if those Zhang threats are dumb words, let's just assume that if the hackers really want to knock down the internet, how will they do it? In the first mention of the threat, the hacker clearly pointed to the DNS gap, this can also give IT security to the department sounded the alarm? They should pay more attention to the DNS gap in the future, because once the gap of DNS is used, it may bring difficult results.

The four primary DNS slots:

· DNS IPv6 gap--from the "DNS Quad-a attack" to the IPv4 and IPv6 of the interspersed weaving, all of the attackers pointed out a proposed method of DDoS flooding.

• Common DNS server Gaps--shared DNS (BIND, Djbdns, MS, OpenDNS) domain name root server promised to cache domain name records in the case of deleted is still lively. This may not be a gap or a fault, but it is a flaw in the portrayal of DNS.

• Internal blackmail-the intent of today's hackers to suggest aggression is now not just for economic gain. Recently, we see a disturbing trend, and some information security professionals are also involved in the hacker Corps, with the intent of a sense of justice.

• Social engineering-in the past 24 months, the aggressive strategies adopted at the beginning of each of the more damaging networks have been the use of various social engineering gaps (which are mostly seen as an act of aggression aimed at economic interest).

The power of today's hackers to achieve their intentions:

With Anonymous and LulzSec as the representative of the hacker arrangement, after all, what features to end up to achieve the intention? The reason why hackers reach their intentions is mainly due to the following points:

• Crazy Passion--hackers ' morale is a key factor in reaching their intentions.

• Continuous collection of available gaps--anonymous's members gather common sense about the workings, depiction, and security of DNS root domain servers around the world, and identify the weaknesses and potential gaps involved in using and invading.

• Unlimited resources-the resources that hackers can make available depend on the paranoia and madness that they can inspire in the world to advise many followers.

Carl Herberger, vice president of Radware Security, thought: "As long as we insist on high vigilance, and unite all those who are enthusiastic about network security work in the Network Security protection campaign erected a fortified fortress." ”

The original address of this article: http://www.zkddos.com/wendang/jishu/16.html, reprint please indicate the source, at the same time welcome everyone to visit the blog and give comments and suggestions.