Forwarded from: Dave Dittrich <dittrich (at) u.washington.edu> On 10/30/12 11:51 PM, InfoSec News wrote: > http://www.bankinfosecurity.com/ddos-attacks-variant-foreseen-in-2006-a-5240 > Meanwhile, one security vendor says it saw elements of these current > DDoS attacks six years ago. > > In April 2006, VeriSign identified the then-new type of DDoS attack > known as a domain-naming-system reflector attack. A DNS reflector > attack overwhelms a site's Web server with spoofed DNS responses. The > vendor even published a white paper about the variant, based on > traffic patterns it observed at the time. Seriously VeriSign? You discovered this in 2006? And you are crowing about it six years later as a warning of threats to come? You are 11 years too late. There has been a description of the first DNS reflection attacks on my DDoS web page since 2001. My colleagues and I wrote about the Register.com reflected DNS attack in our book on DDoS, published in 2004. Sometime many years ago, when someone else "discovered" DNS reflection attacks, I added more references and added a "What's new in DDoS" subsection that reads, "Nothing, really. (Some people are just late to the party. ;)" http://staff.washington.edu/dittrich/misc/ddos/ Sorry, but you really need to do your research more thoroughly. :) -- Dave Dittrich dittrich (at) apl.washington.edu http://staff.washington.edu/dittrich PGP key: http://staff.washington.edu/dittrich/pgpkey.txt Fingerprint: 097B 4DCB BF16 E1D8 A06C 7512 A751 C80A D15E E079 ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.orgReceived on Thu Nov 01 2012 - 02:17:27 PDT
This archive was generated by hypermail 2.2.0 : Thu Nov 01 2012 - 02:20:07 PDT