Nominet recently resurrected their plan to allow organisations to register second-level .uk domains. So instead of having to register under .co.uk, you could just have a domain name under .uk, like google.uk or yahoo.uk. I don’t really have any strong thoughts on this either way. The advantage is that domain names will become shorter and […]
What is a DNS DDoS amplification attack?
DNS based amplification attacks are constantly in the news at the moment, but what are they and why are they so effective? Watch this short video by Paul Roberts for a quick explanation.
The biggest DDoS attack in history, all due to DNS
There’s been a lot of talk today about a massive DDoS attack that has been running for the past week or so. It has used DNS amplification in order to create a 300Gbps storm of traffic aimed at Spamhaus, the anti-spam site that distributes blacklists of known sites responsible for sending spam email. What is incredible is the […]
CVE-2012-5689: BIND 9 with DNS64 enabled can unexpectedly terminate when resolving domains in RPZ
ISC BIND DNS 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record. Please check the ISC knowledgebase for further information […]