New Denial of Service threat emerges

Hackers have found a new way of initiating and targeting Denial of Service attacks, according to Ken Silva, chief security officer for domain registry VeriSign. He warns that the new attacks are larger than anything seen so far, according to reports.

17 Mar 2006

The typical Denial of Service (DoS) attack involves flooding a server with data – sometimes just thousands of emails – to the point where it collapses. More advanced attacks are launched simultaneously from a network of several machines – known as Distributed DoS, or DDoS attacks.

The new form of attack, described by experts as a distributed reflector denial of service, goes a stage further, using not simply a network of compromised PCs (known as bots), but domain name servers.

Domain name servers are the computers that match up Internet Protocol (IP) addresses with their appropriate domain name, and are therefore vital in directing internet traffic across the globe.

Hackers are now using their bots to send queries to the domain name servers, but using the address of the site or firm they have targeted as the return address for the query, according to Silva. This means that the domain name server attacks the target each time it responds to a query, and because it is hard to block these responses – as domain name servers legitimately send out so many – the attack is much more difficult to stop.
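From the target's side, the reflected traffic described above consists of DNS responses to queries the target never sent. The following is an added example, not part of the original article: a sketch of how a defender could separate solicited from unsolicited responses by tracking outstanding queries. The record layout, the `find_unsolicited` name, the timeout and the sample data are assumptions made for illustration; a real matcher would also key on the UDP source port.

```python
# Constructed sample records as seen at the target's network edge (not real traffic).
# Fields: time in seconds, direction, local address, remote DNS server,
#         DNS transaction id, message kind.
SAMPLE = [
    (0.00, "out", "192.0.2.10", "198.51.100.53", 0x1A2B, "query"),
    (0.03, "in",  "192.0.2.10", "198.51.100.53", 0x1A2B, "response"),  # solicited
    (0.10, "in",  "192.0.2.10", "203.0.113.7",   0x4444, "response"),  # never asked
    (0.11, "in",  "192.0.2.10", "203.0.113.8",   0x5555, "response"),  # never asked
    (0.12, "in",  "192.0.2.10", "203.0.113.7",   0x4445, "response"),  # never asked
    (9.00, "in",  "192.0.2.10", "198.51.100.53", 0x1A2B, "response"),  # already answered
]


def find_unsolicited(records, timeout=5.0):
    """Return, per local address, the count of DNS responses that match no
    outstanding query and the set of servers that sent them."""
    pending = {}   # (local, remote, txid) -> time the query left
    report = {}    # local -> {"responses": int, "servers": set}
    for t, direction, local, remote, txid, kind in sorted(records):
        key = (local, remote, txid)
        if direction == "out" and kind == "query":
            pending[key] = t
        elif direction == "in" and kind == "response":
            sent = pending.pop(key, None)
            # Solicited only if we asked this server with this id recently.
            if sent is not None and t - sent <= timeout:
                continue
            entry = report.setdefault(local, {"responses": 0, "servers": set()})
            entry["responses"] += 1
            entry["servers"].add(remote)
    return report


if __name__ == "__main__":
    for target, info in find_unsolicited(SAMPLE).items():
        print(target, info["responses"], sorted(info["servers"]))
```

A high count of unsolicited responses arriving from many distinct servers is the signature to alert on; a single stray response is more likely a late or duplicated reply.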

Silva told CNET that the registry had seen such attacks launched against at least 1,500 separate IP addresses since they first emerged in December.