
DNS Problem Linked To DDoS Attacks Gets Worse

itwbennett writes "The percentage of devices on the Internet that are configured to accept DNS queries from anywhere — what networking experts call an 'open recursive' or 'open resolver' system — has jumped from around 50 percent in 2007 to nearly 80 percent this year, according to research sponsored by DNS appliance company Infoblox. As more consumers demand broadband Internet, service providers are rolling out modems configured this way to their customers, said Cricket Liu, vice president of architecture with Infoblox. Georgia Tech researcher David Dagon agreed that open recursive systems are on the rise, in part because of 'the increase in home network appliances that allow multiple computers on the Internet. ... Almost all ISPs distribute a home DSL/cable device. Many of the devices have built-in DNS servers. These can sometimes ship in "open by default" states.' What's worse, says Dagon, is that many of these devices do not include patches for a widely publicized DNS flaw discovered by researcher Dan Kaminsky last year."

  • Re:is this a problem (Score:5, Informative)

    by RiotingPacifist ( 1228016 ) on Sunday November 15, 2009 @10:38AM (#30105686)

    1) If there is a flaw in the software, I can tell your DNS server that Slashdot is at 80.65.228.129 or that your bank resolves to my MITM attack site.
    2) I can use up all of your router's resources and then you can't look up any sites yourself.

  • Re:For starters (Score:2, Informative)

    by Anonymous Coward on Sunday November 15, 2009 @10:48AM (#30105750)

    One reason is to cut the # of queries coming into the ISP's servers. The modem can be a local cache.

  • Re:For starters (Score:1, Informative)

    by Anonymous Coward on Sunday November 15, 2009 @08:01PM (#30110306)

    Why would a cable/adsl modem have an open recursive DNS server? There's not a single reason for that - either use your ISP's autodefined DNS servers, change them to something else or set up your own.

    They don't. What the article is trying to say is that many ISPs are now distributing routers either stand-alone or as a modem/router combo unit. Which are almost always set to the ISP's DNS servers and not just hanging wide open as the article is claiming. Hell, most of these don't have the capability to do more than support either a hardcoded DNS number, or auto-learn it from the cable company's CMTS. I have never seen one that will just take updates from 3rd party DNS, although there is a possibility if the ISP's DNS is hanging open that it would pass along shoddy information.

    More FUD. For some reason I'm really not surprised.
