
Over 100,000 devices can be used to amplify DDoS attacks via multicast DNS

Discussion in 'Network World' started by RSS, Apr 1, 2015.

  1. RSS


    Over 100,000 devices have a misconfigured service called multicast DNS that accepts requests from the Internet and can potentially be abused to amplify distributed denial-of-service (DDoS) attacks.

    The multicast Domain Name System (mDNS) is a protocol that allows devices on a local network to discover each other and their services. It is used both by PCs and embedded devices like network attached storage (NAS) systems, printers and others.

    The mDNS protocol allows queries to be sent to a specific machine using its unicast address. However, the official specification recommends that when receiving such queries, the mDNS service should check before responding that the address that made the request is located in the same local subnet. If it’s not, the request should be ignored.

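The source-address check the post describes, sketched from the responder's side as an added example (not code from the article or from any particular mDNS implementation). The function names, interface addresses and sample query sources are constructed for illustration.

```python
import ipaddress

def local_networks(interface_cidrs):
    """Turn interface addresses such as '192.168.1.10/24' into their subnets."""
    return [ipaddress.ip_interface(c).network for c in interface_cidrs]

def should_answer(src_ip, networks):
    """Return True only when a unicast mDNS query comes from an on-link source.

    Anything else (Internet hosts, malformed or nonsensical sources) is
    ignored, so the responder cannot be used as a reflector toward a
    spoofed off-subnet victim.
    """
    try:
        # Drop an IPv6 zone id ("fe80::1%eth0") before parsing.
        addr = ipaddress.ip_address(src_ip.split("%")[0])
    except ValueError:
        return False
    # Dual-stack sockets report IPv4 peers as ::ffff:a.b.c.d; unwrap them.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    # A multicast or unspecified address is never a valid query source.
    if addr.is_multicast or addr.is_unspecified:
        return False
    return any(addr.version == n.version and addr in n for n in networks)

def triage(sources, networks):
    """Map each query source to 'answer' or 'drop'."""
    return {s: "answer" if should_answer(s, networks) else "drop" for s in sources}

# Constructed sample: one IPv4 and one IPv6 link-local interface address.
NETS = local_networks(["192.168.1.10/24", "fe80::1c2d:3eff:fe4f:5a6b/64"])

# Constructed query sources (203.0.113.0/24 and 2001:db8::/32 are
# documentation ranges standing in for Internet hosts).
SAMPLE_SOURCES = [
    "192.168.1.77",         # same IPv4 subnet
    "::ffff:192.168.1.50",  # same subnet, seen through a dual-stack socket
    "fe80::abcd%eth0",      # IPv6 link-local neighbour
    "203.0.113.9",          # off-link IPv4
    "2001:db8::1",          # off-link IPv6
    "224.0.0.251",          # multicast address used as a source
    "not-an-ip",            # malformed
]

if __name__ == "__main__":
    for src, verdict in triage(SAMPLE_SOURCES, NETS).items():
        print(f"{src:22} {verdict}")
```
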
     
