The fight between a spam fighting company called "Spamhaus" and a web hosting company called "Cyberbunker" has slowed down a majority of the internet by making DNS resolving slow.
The reason behind the attack is that Spamhaus added the IP addresses of cyberbunker to its "spam" list due to Cyberbunker allowing almost any sort of content to be hosted hence also maybe the source for spam. So Cyberbunker attacked back and this attack also affected normal internet users.
The attack was possible because of the large number of vulnerable DNS servers that allow open DNS resolving.Simply put an attack exploiting this type of vulnerability makes use of the vulnerability of the DNS server to increase the intensity of the attack 100 fold.
The origins of these type of attacks goes back to the 1990's to an attack called "smurf attack"
But now the attack method has become more efficient and uses DNS amplification to flood the victim with spoofed requests which are sent to the DNS servers by using a botnet of compromised computers.The attack at its peak reached a speed of 300 Gbps making it the largest DDOS attack in history.
Cyberbunker which claims itself to be a supporter of free speech and defender against the "big bullies" seems to have now have stooped down to their level of using aggressive offensive methods that affect the normal functioning of the internet.This is not the way to go !
The people who run DNS resolvers are also equally responsible for these attacks as its their vulnerable servers that make these attacks possible, the internet community should come up with a PERMANENT solution to this problem.
Please read cloudflare's blog post for a detailed analysis : http://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet
The reason behind the attack is that Spamhaus added the IP addresses of cyberbunker to its "spam" list due to Cyberbunker allowing almost any sort of content to be hosted hence also maybe the source for spam. So Cyberbunker attacked back and this attack also affected normal internet users.
The attack was possible because of the large number of vulnerable DNS servers that allow open DNS resolving.Simply put an attack exploiting this type of vulnerability makes use of the vulnerability of the DNS server to increase the intensity of the attack 100 fold.
The origins of these type of attacks goes back to the 1990's to an attack called "smurf attack"
But now the attack method has become more efficient and uses DNS amplification to flood the victim with spoofed requests which are sent to the DNS servers by using a botnet of compromised computers.The attack at its peak reached a speed of 300 Gbps making it the largest DDOS attack in history.
Cyberbunker which claims itself to be a supporter of free speech and defender against the "big bullies" seems to have now have stooped down to their level of using aggressive offensive methods that affect the normal functioning of the internet.This is not the way to go !
The people who run DNS resolvers are also equally responsible for these attacks as its their vulnerable servers that make these attacks possible, the internet community should come up with a PERMANENT solution to this problem.
Please read cloudflare's blog post for a detailed analysis : http://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet