Re: [ISN] DDoS Attacks: Variant Foreseen in 2006

From: InfoSec News <alerts_at_private>
Date: Thu, 1 Nov 2012 04:17:27 -0500 (CDT)
Forwarded from: Dave Dittrich <dittrich (at) u.washington.edu>

On 10/30/12 11:51 PM, InfoSec News wrote:
> http://www.bankinfosecurity.com/ddos-attacks-variant-foreseen-in-2006-a-5240

> Meanwhile, one security vendor says it saw elements of these current
> DDoS attacks six years ago.
>
> In April 2006, VeriSign identified the then-new type of DDoS attack 
> known as a domain-naming-system reflector attack. A DNS reflector 
> attack overwhelms a site's Web server with spoofed DNS responses. The 
> vendor even published a white paper about the variant, based on 
> traffic patterns it observed at the time.

Seriously VeriSign?  You discovered this in 2006?  And you are crowing 
about it six years later as a warning of threats to come? You are 11 
years too late.

There has been a description of the first DNS reflection attacks on my 
DDoS web page since 2001. My colleagues and I wrote about the 
Register.com reflected DNS attack in our book on DDoS, published in 
2004. Sometime many years ago, when someone else "discovered" DNS 
reflection attacks, I added more references and added a "What's new in 
DDoS" subsection that reads, "Nothing, really. (Some people are just 
late to the party. ;)"

http://staff.washington.edu/dittrich/misc/ddos/

Sorry, but you really need to do your research more
thoroughly. :)

-- 
Dave Dittrich
dittrich (at) apl.washington.edu
http://staff.washington.edu/dittrich

PGP key:     http://staff.washington.edu/dittrich/pgpkey.txt
Fingerprint: 097B 4DCB BF16 E1D8 A06C  7512 A751 C80A D15E E079


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org 
Received on Thu Nov 01 2012 - 02:17:27 PDT

This archive was generated by hypermail 2.2.0 : Thu Nov 01 2012 - 02:20:07 PDT