1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Subverting protection into DDoS attacks

Discussion in 'Help Net Security' started by RSS, Aug 17, 2016.

  1. RSS

    RSS New Member Member

    On average, DNSSEC reflection can transform an 80-byte query into a 2,313-byte response, an amplification factor of nearly 30 times, which can easily cause a network service outage during a DDoS attack, resulting in lost revenue and data breaches, according to Neustar. DNSSEC was designed to provide integrity and authentication to DNS, which it accomplishes with complex digital signatures and key exchanges. As a result, when a DNS record is transferred to DNSSEC, an extraordinary … More →

    Continue reading...

Share This Page