<$BlogRSDUrl$>
 

This page is powered by Blogger. Isn't yours?

 Feedblitz email:
 RSS: http://linkingintegrity.blogspot.com/atom.xml

 

linking INTEGRITY

Integrity - use of values or principles to guide action in the situation at hand.

Below are links and discussion related to the values of freedom, hope, trust, privacy, responsibility, safety, and well-being, within business and government situations arising in the areas of security, privacy, technology, corporate governance, sustainability, and CSR.

VeriSign details massive denial-of-service attacks - Computerworld, 16.3.06

Computerworld

A sudden increase in a particularly dangerous type of distributed denial-of-service (DDoS) attack could portend big trouble for companies, according to VeriSign Inc.

The Mountain View, Calif.-based company said that about 1,500 organizations worldwide were attacked earlier this year by unknown hackers who employed botnets and Domain Name System (DNS) servers to swamp networks with unmanageable torrents of data.

The attacks, which started on Jan. 3 and ended in mid-February, were notable because they employed an especially devastating kind of DDoS attack, said Ken Silva, VeriSign's chief security officer.

Image from www.cs3-inc.com/ pk_whatisddos.html Such an attack typically involves thousands of compromised zombie systems sending torrents of useless data or requests for data to targeted servers or networks -- rendering them inaccessible for legitimate use.

In this case, attackers sent spoofed domain-name requests from botnets to DNS servers, which processed the requests and then sent replies to the spoofed victims, according to Silva.

“When the number of requests is in the thousands, the attacker could potentially generate a multigigabit flood of DNS replies” directed at the spoofed server, according to a description of such attacks on US-CERT Web site (download PDF).

“This is known as an amplifier attack because this method takes advantage of misconfigured DNS servers to reflect the attack onto a target, while amplifying the volume of packets,” the CERT description said.


Unlike typical DDoS attacks, the volume of data generated by amplifer attacks is greater by several orders of magnitude, Silva said. Though this type of attack is not especially new, the latest wave demonstrates how good hackers are getting at launching them, he said.

“It really demonstrates how much horsepower these people have developed and how efficient they are at developing it,” he said.


Comments

Post a Comment

 

Google

Integrity Incorporated

Site Feed

 Feedblitz email:


 RSS: http://linkingintegrity.blogspot.com/atom.xml


"We shall need compromises in the days ahead, to be sure. But these will be, or should be, compromises of issues, not principles. We can compromise our political positions, but not ourselves. We can resolve the clash of interests without conceding our ideals. And even the necessity for the right kind of compromise does not eliminate the need for those idealists and reformers who keep our compromises moving ahead, who prevent all political situations from meeting the description supplied by Shaw: "smirched with compromise, rotted with opportunism, mildewed by expedience, stretched out of shape with wirepulling and putrefied with permeation.
Compromise need not mean cowardice. .."

John Fitzgerald Kennedy, "Profiles in Courage"

Archives

07.03   08.03   09.03   10.03   11.03   12.03   01.04   02.04   03.04   04.04   05.04   06.04   07.04   08.04   09.04   10.04   11.04   12.04   01.05   02.05   03.05   04.05   05.05   06.05   07.05   08.05   09.05   10.05   11.05   12.05   01.06   02.06   03.06   04.06   05.06   06.06   08.06   09.06   10.06   11.06   01.07   02.07   03.07   04.07   07.07   08.07   09.07   10.07   05.08   06.08