Description
Security Talks - DoS and Hijacks
Distributed Denial of Service (DDoS) attacks have been a persistent and ever-growing threat to the availability of networks and services on the Internet. Reflection & Amplification (R&A) is one of the popular DDoS attack types and the DNS is one of the most common attack vectors for this attack type. DNS-based DDoS attacks typically misuse open DNS resolvers by sending them queries with...
The open DNS infrastructure (ODNS) includes all devices that
accept and resolve DNS queries from any client. As an open system,
the ODNS infrastructure is a popular target for attackers who search
for amplifiers of DNS requests, for periodic DNS scan campaigns,
which try to expose the attack surface, and for researchers who
want to learn more about DNS behavior.
Due to the danger...
Domain Name System (DNS) establishes clear responsibility boundaries among nameservers for managing DNS records via authoritative delegation. However, the rise of third-party public services has blurred this boundary. We uncover a novel attack surface, named XDAuth, arising from public authoritative nameserver infrastructure’s failure to isolate data across zones adequately. This flaw enables...
The developer community handles security defects on a regular basis and most organisations now use CVSS (the Common Vulnerability Scoring System framework) to convey vulnerability severity and impact to users of their software products. The laudable objective behind encouraging all software vendors and distributors to use the same metrics system is that enables software administrators to more...