A new twist on distributed attacks refusalς υπηρεσίας (DDoS), δημοσιεύτηκε από την Prolexic. The toolbox DNS Flooder is marketed and allows malicious users to use the Toolkit's DNS servers to launch attacks without thinking, and without the need to find open and vulnerable DNS servers on the internet. This DDoS method allows malicious users to launch powerful cyber attacks without having to spend time and money on creation an army of bots with malware infections.
Prolexic's infographic explains how the DNS Flooder toolkit works:
- The toolkit spoofs the IP address of the intended target and generates a DNS request, which is sent to botnet Attacker's DNS.
- Botnets DNS of the attacker return an extended DNS response (EDNS). This EDNS response contains much more data than the original DNS request. In some cases, an extensive response had amplification factors up to 50 times more than the bandwidth of the first request. Because the IP address used in the request was fake, the response is reflected back to the attacker's target.
- The toolbox continues to do so many times, which reflects and enhances the response to the goal each time it is repeated.
For more information on how to stop DDoS attacks from DNS Flooder, visit its Prolexic