DNS Servers are Under Fire (News Release)   - 1,433 Views,

WATERLOO, ON, May 24 /PRNewswire/ - The number and severity of DNS
(Domain Name Service) server attacks have risen sharply on networks around the
globe, as phishers, pharmers and other malicious code writers embrace the
latest way to circumvent traditional forms of mitigation.

Sandvine, world leader in intelligent broadband management solutions for
Internet service providers has observed an increase in server attacks,
particularly DNS attacks on broadband networks. DNS servers are suddenly
overwhelmed by a glut of spoofed DNS requests and responses, causing the
server to process requests slower and slower until it eventually fails
entirely - impacting subscribers’ ability to use the Internet for the duration
of the attack.

Sandvine Security Operations Services team has identified increases where
single attackers performed over 1000 times the normal amount of lookups on a
DNS server in a 12-hour period. These attackers are engaging in a form of DNS
attack called DNS poisoning - the act of tainting the server’s cache with
incorrect routing information so illegitimate sites appear in a browser
despite a legitimate web address being requested.

One successful poisoning attempt could affect many thousands of users,
and result in droves of subscribers being taken to exploitive sites that bilk
them of their personal information, steal their identity, download malware
(worms, spyware, adware, etc.) onto their computers, or bombard them with
irrelevant advertisements - even though they typed in the correct URL into
their browser or followed the right hyperlink. Poisoning can be accomplished
by individual computers or by networks of ‘zombie’ computers directly on the
ISP’s network or spread around the world.

As threatening as DNS attacks and poisoning are to the personal-
information integrity of subscribers, the damage is compounded for broadband
service provider networks. DNS attacks are responsible for overwhelming DNS
servers to the point of failure, causing massive, wide-scale service outages.
This results in subscriber churn, destroys brand equity, and can cost millions
in subscriber refunds, not to mention the substantial financial burden of
trying to identify and alleviate the problem.

“Broadband service providers must protect their network and subscribers
with multi-layered, network-based approaches,” said Don Bowman, VP, Consulting
Systems Engineering, Sandvine Incorporated. “Attacks and malicious code are
becoming more and more evasive and targeted. Service providers need to
proactively monitor their networks for threats and respond in real-time to
shut down these attacks.”

For a trend analysis on this Internet phenomenon, visit
http://www.sandvine.com/solutions/snapshot_DNS_attack.asp