DNS Servers under Attack - Enclave Security

This is not a Conficker related blog post. There is a bigger story on the radar from last week. Major web service providers have been intermittently off line with what seems to be major Distributed Denial-of-Service (DDoS) attacks against DNS providers.

An attack against DNS provider NeuStar on Tuesday morning disrupted Amazon’s S3 cloud computing service, along with the Amazon.com store. Other sites affected included Salesforce.com, IMDB.com and Petco.com. In the NeuStar attack, John Schneidawind, a company spokesman, initially denied that its service was shut down. “Contrary to previous press reports you may have seen, at no time was our UltraDNS service shut down, offline or anything of the sort,” he told SCMagazineUS.com in an email. The UltraDNS service was “hit by a huge volume of completely legitimate-looking DNS queries, which all appeared to come from legitimate DNS servers, all asking for data on the true attack targets,” wrote Tier1 Research Vice President Dan Golding in a report. “NeuStar couldn’t block the apparent source without causing an entirely different sort of outage.” UltraDNS was returned to normal service after only a few hours, but the outage made some websites impossible to reach. NeuStar later confirmed the DoS attacks as massive, according to reports.

On Wednesday, Register.com was the next DNS provider to get hit. On Wednesday night and again Thursday afternoon, Register.com, was out of service for several hours because of a suspected DDoS attack. Web sites and domains hosted by Register.com did not resolve and the company’s home page was unavailable. Many customers’ websites disappeared.

During the Register.com outage, the company provided little information to its customers, other than a notice on Twitter that said: “Register.com is having intermittent service issues — we have everyone working on it. Will provide an update soon.” As of Thursday, Register.com support staff is now actively telling customer’s over-the-phone that the company’s servers are definitely currently under fire from some form of DDOS.

From the sounds being heard from disgruntled customers, Register.com is poised to lose a lot of business from this fiasco. Check out some of the tweeks:

To keep an eye on this situation, check out the SANS Internet Storm Center for additional information and updates:

http://isc.sans.org/diary.html?storyid=6121

M	T	W	T	F	S	S
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Please Share This Share this content

You Might Also Like

Microsoft offers $250,000 reward

“A Complete Revolution in Federal Cybersecurity”

Company Wants to Keep Botmaster Criminal as SysAdmin After Time Served

Share this content