Version: 2008

Comments on: New denial-of-service threat emerges

Attacks targeted 1,500 IP addresses and delivered a heftier blow than normal DOS threats, VeriSign security chief says.

This is just PR for VeriSign
by andrew999999999 March 16, 2006 3:47 PM PST
This is just a PR campaign by VeriSign to try to defend attacks about its new .com price hike agreement:
http://domainnamewire.com/2006/03/16/verisign-spin-machine-moves-into-high-gear/
Wrong
by Seaspray0 March 17, 2006 6:20 AM PST
It's a story about a new type of DOS attack. Since the attack goes through DNS servers, it is related to VeriSign as they are in the business of providing DNS services to the internet. The story, in no way, is good information about VeriSign as they currently have no way of stopping this type of attack, so how can you claim it PR?
ISN'T THIS OLD
by Jeremiah256 March 17, 2006 5:00 PM PST
Correct me if I'm wrong but isn't this just DR-DOS - Distributed Reflection Denial Of Service? It's been documented since at least 2002. Search around Steve Gibson's website (http://grc.com). He documents how he upset some kid and got blasted off the net by a DR-DOS attack using some of the internet's most powerful servers.
What ever happened to 3-way handshakes?
by wbenton March 19, 2006 7:58 AM PST
DNS replies are returned to DNS requests. Thus if the requester drops anything that doesn't match the 3-way handshake... the problem can be staved off.

3-way handshaking has been around for quite a few years now and thus it's nothing new... except for those who have yet to implement it.

Thus even if you receive a DNS reply which you didn't ask for... 3-way handshaking should drop the packet because it wasn't requested... even if it's from your own DNS server!

Walt
RE: THREE WAY HANDSHAKE
by Jeremiah256 March 19, 2006 7:21 PM PST
Someone correct me if I'm wrong but I think the problem is the amount of packets sent to your site. If your site drops it and the DNS server doesn't receive a response, correct me if I'm wrong, it'll try again a few more times assuming the packet was dropped. These people are collecting the addresses of vast numbers of DNS servers (and other servers) and will spoof your site at all of them. It becomes a bandwidth issue.
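
The two points raised in the last two comments, dropping replies that were never requested and the bandwidth they consume anyway, can be seen side by side in a small receiver-side filter. This is an added example, not part of the original thread: DNS normally runs over UDP, so replies are matched on server address, local port and transaction ID, and the `Pkt` records and addresses below are constructed sample data.

```python
from collections import namedtuple

# Constructed sample records (not real traffic): direction, peer IP, our UDP
# port, DNS transaction ID, and size in bytes on the wire.
Pkt = namedtuple("Pkt", "direction peer local_port txid size")

SAMPLE = [
    Pkt("out", "192.0.2.53", 40001, 0x1A2B, 60),      # our own query
    Pkt("in",  "192.0.2.53", 40001, 0x1A2B, 120),     # matching answer
    Pkt("in",  "198.51.100.7", 40001, 0x1A2B, 3000),  # right ID, wrong server
    Pkt("in",  "203.0.113.9", 53211, 0x0001, 3000),   # never asked
    Pkt("in",  "203.0.113.10", 53212, 0x0002, 3000),  # never asked
    Pkt("in",  "192.0.2.53", 40001, 0x1A2B, 120),     # repeat of an answered query
]

def filter_dns(packets):
    """Accept only responses that match an outstanding query; tally the rest."""
    pending = set()  # (server, local_port, txid) for queries awaiting a reply
    stats = {"accepted": 0, "dropped": 0, "dropped_bytes": 0, "inbound_bytes": 0}
    for p in packets:
        key = (p.peer, p.local_port, p.txid)
        if p.direction == "out":
            pending.add(key)
            continue
        stats["inbound_bytes"] += p.size  # the link carried it either way
        if key in pending:
            pending.discard(key)          # one answer per query
            stats["accepted"] += 1
        else:
            stats["dropped"] += 1
            stats["dropped_bytes"] += p.size
    return stats

def dropped_share(stats):
    """Fraction of inbound DNS bytes that were unsolicited."""
    total = stats["inbound_bytes"]
    return stats["dropped_bytes"] / total if total else 0.0

if __name__ == "__main__":
    s = filter_dns(SAMPLE)
    print(s, f"unsolicited share of inbound bytes: {dropped_share(s):.0%}")
```

The filter discards every unsolicited reply, yet those replies still account for almost all inbound bytes, so a sustained rise in `dropped_bytes` is a signal to involve the upstream provider rather than something the receiving host can absorb by dropping packets.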