Massive DDoS Attack Hits ‘EveryDNS’

'EveryDNS' offers free services of 'domain name management'. Recently, when a colossal DDoS (Distributed Denial of Service) attack struck the company. It affected thousands of sites. One of them was 'OpenDNS', an offshoot startup that is in charge of the 'PhishTank Anti-Phishing Initiative'. The 'botnet attack' powered at 400mbps made no impact on the 'core recursive DNS (Domain Name System) resolution service of OpenDNS. However, the company's home page & corporate bog were held up for an hour and a half on December 1, 2006.

A note on EveryDNS Website announced the company's experience of a large 'denial of service' attack starting on Friday, December 1st. It said that the company had taken steps to lessen the severity of the attack and that site services were restored within a couple of hours. A more detailed write-up would be posted on Monday, December 4th, it noted. It was the first time that a DDoS attack made such a massive impact on their service. The company had set to make a plan to improve its architecture to better handle such a situation. It was taking serious actions and was tracking on those responsible.

The attack seemed to target websites that used free 'DNS management services'. OpenDNS CEO David Ulevitch explained that it was a 'collateral damage' that was aiming the DNS provider of these sites while the company was the sufferer.

Due to the involvement of law enforcement, Ulevitch was reluctant to disclose information about actual target. However, there were indications that some targets were "nefarious domains" , which have since been withdrawn.

Explaining the real problem Ulevitch said that the 'network providers' are reluctant to do any aggressive filtering. They just block the traffic to prevent the attack, but that's exactly what the attackers aim. They want to knock the user offline and while the network providers take the short cut, attackers accomplish their objective.

Ulevitch said that PhishTank using its own DNS was unaffected. Ulevitch was always concerned about PhishTank being a major target but in this case the target was elsewhere. OpenDNS has determined the targets and it has suspended a batch of domains.

Related article: McAfee Alerts Windows about Accessibility Hole in Vista

» SPAMfighter News - 12/7/2006