February 26, 2009

Internet failure tied to DNS software


Tobias Davis
UNL Mechanical Engineer Major


On Monday night, February 23, around 9:30 pm, multiple users in the Lincoln area experienced a severe slowdown of major websites while browsing the Internet: Yahoo!, Google, and Blogger were entirely inaccessible, and of over eighty bookmarked mainstream news sites, the only two that managed to display took several minutes to load basic text. Advertising images would not display at all (the only good thing about this problem), and since many sites outsource their search functions, searching was practically impossible across the entire web.

After some research, the temporary failure of the Internet was found to be more widespread than the local city area. The cause of this Internet failure has been traced to a specialized Denial of Service (DoS) attack called DNS amplification.

In a normal DoS attack, a black-hat hacker floods a server with requests for data; this overloads the server and slows it down so much that other users cannot retrieve data. Most servers are able to handle DoS attacks; however, the DNS amplification attack is a more recent development.

The DNS server is, in a practical way, the phone book of the Internet. When you type in "google.com", that address is turned into an IP address, analogous to a phone number. The DNS amplification attack makes a request for the entire "phone book" list to get sent to another server. This book is a very large list, and the transfer can eat up over 5 GB per second of bandwidth.

Information does not indicate that the DNS attack which slowed down the Lincoln area Internet service was from a Lincoln server. In fact, information on this issue is typically hard to acquire, since information on the failure of a DNS server against such an attack is held pretty tightly due to business investor concerns.

While DNS amplification attacks can be stopped with newly updated DNS server software, the new software requires more administration to run and has not been widely adopted. Since the software bug has not been fixed on many DNS servers, and the technique is becoming more widely used, you can expect significant delays in Internet browsing to occur more frequently.
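
For administrators who run a DNS server, the imbalance described above (small requests, very large replies sent to another machine) shows up in the server's own query log. The following is an added example, not part of the original article: it totals request and response bytes per client address and flags addresses whose replies dwarf their requests. The four-field log format, the thresholds and the sample records are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of resolver query-log records (not real traffic).
# Assumed format: client address, query type, request bytes, response bytes.
SAMPLE_LOG = """\
192.0.2.10 A 45 61
192.0.2.10 AAAA 45 73
198.51.100.7 ANY 64 3100
198.51.100.7 ANY 64 3100
198.51.100.7 ANY 64 3050
198.51.100.7 TXT 64 2900
203.0.113.5 A 40 56
203.0.113.5 MX 40 120
"""

def parse(log_text):
    """Yield (client, qtype, request_bytes, response_bytes) per valid line."""
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip blank or malformed lines
        client, qtype, req, resp = fields
        if not (req.isdigit() and resp.isdigit()):
            continue  # skip lines whose byte counts are not numbers
        yield client, qtype, int(req), int(resp)

def amplification_report(log_text, min_ratio=10.0, min_queries=3):
    """Return {client: (queries, ratio)} where replies dwarf requests."""
    totals = defaultdict(lambda: [0, 0, 0])  # queries, bytes in, bytes out
    for client, _qtype, req, resp in parse(log_text):
        entry = totals[client]
        entry[0] += 1
        entry[1] += req
        entry[2] += resp
    flagged = {}
    for client, (count, bytes_in, bytes_out) in totals.items():
        if bytes_in == 0:
            continue  # avoid dividing by zero on empty requests
        ratio = bytes_out / bytes_in
        if count >= min_queries and ratio >= min_ratio:
            flagged[client] = (count, round(ratio, 1))
    return flagged

if __name__ == "__main__":
    for client, (count, ratio) in amplification_report(SAMPLE_LOG).items():
        print(f"{client}: {count} queries, replies {ratio}x larger than requests")
```

An address flagged here is the one receiving the oversized replies, so it is more likely the target of the flood than its origin.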
