Quick And Dirty Introduction to: DDOS Using DNS Amplification
By: Allen Baranov, CISSP
Quick and Dirty Introductions are something that I created at my last employer to describe in simple language a pretty complex Information Security concept. -AB

…. The originals are naturally the intellectual property of the company but now that I am doing them in my free time, these are released under creative commons.
Quick definitions:

DDOS – Distributed Denial of Service

You offer a service and someone maliciously overuses the service, making it impossible for genuine users to access the service. The attacker uses different routes to be more effective. There may be several attackers.
Quick definitions:

DNS – Domain Name Service

The distributed service that the Internet uses to convert human-friendly names to computer-friendly IP addresses, so you don’t have to remember that www.google.com.au may be accessed at 74.125.237.152.
Critical Understanding: How DNS Actually Works.

DNS is distributed. When you look up www.example.com.au, your PC first asks “who knows about .au?”, then “who knows about .com.au?”, then “who knows about example.com.au?”, then “who knows about www.example.com.au?”
Critical Understanding: How DNS Actually Works.

DNS is distributed. The lookup as a chain of referrals:

  I need “www.example.com.au”
  I know who knows “.au”
  I know who knows “.com.au”
  I know who knows “example.com.au”
  I know who knows “www.example.com.au”
  www.example.com.au is 1.2.3.4
Critical Understanding: How DNS Actually Works.

To speed things up, a DNS entry can be cached, so if someone asks for the same site they don’t have to go through the whole process.

Also, to make the networking easier, you can use an “agent” server (what the later slides call a recursive DNS server) to do all of this for you, so you only query one server.
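As an added illustration that is not part of the original deck, the referral chain and the caching step above as a toy iterative resolver in Python. The zone table, the server names and the behaviour of `ask()` are constructed for the demo; 1.2.3.4 is the deck's own placeholder address. The `resolve()` function plays the role of the “agent” server: it does the walk from the root on behalf of the client and remembers the answer.

```python
# Constructed "authoritative" data for the demo: each server holds either a
# delegation ("NS" -> which server to ask next) or the final answer ("A" -> IP).
ZONES = {
    "root": {"au": ("NS", "au-tld")},
    "au-tld": {"com.au": ("NS", "com-au")},
    "com-au": {"example.com.au": ("NS", "ns1.example.com.au")},
    "ns1.example.com.au": {"www.example.com.au": ("A", "1.2.3.4")},
}


def ask(server, name):
    """Simulate one query to one server.

    The server answers with the most specific record it holds for the name:
    the longest matching suffix wins, mirroring how a name server picks the
    closest zone it is authoritative for. Returns ("NXDOMAIN", None) when the
    server knows nothing about the name at all.
    """
    table = ZONES[server]
    labels = name.split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in table:
            return table[suffix]
    return ("NXDOMAIN", None)


def resolve(name, cache, log):
    """Resolve `name` iteratively from the root unless the cache already has it.

    `log` collects the servers that were actually queried, so the caller can
    see how much work the cache saves on the second lookup.
    """
    if name in cache:
        return cache[name]
    server = "root"
    while True:
        log.append(server)
        rtype, value = ask(server, name)
        if rtype == "A":          # authoritative answer: remember and return it
            cache[name] = value
            return value
        if rtype == "NS":         # referral: follow it one level down the tree
            server = value
            continue
        return None               # NXDOMAIN: nobody on the path knows the name


def demo():
    """Look the same name up twice through one cache; second time is free."""
    cache, first, second = {}, [], []
    ip1 = resolve("www.example.com.au", cache, first)
    ip2 = resolve("www.example.com.au", cache, second)
    return ip1, first, ip2, second


if __name__ == "__main__":
    print(demo())
```

The first call touches four servers (root, .au, .com.au, the example.com.au name server); the second touches none, which is exactly the saving the slide describes.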
Critical Understanding: How DNS Actually Works.

The important bit:

DNS is asynchronous. So although a session usually consists of a request and an answer, there is no time taken to set up the session (DNS normally runs over UDP, which has no handshake). It would slow down the Internet too much.

DNS servers don’t know for sure who performed the query.
Critical Understanding: The Planning

[Diagram: Compromised DNS Server – Huge DNS Entry]

Attacker sets up a long DNS entry – the longer, the better.

He uses a compromised DNS server to do this.

DNS can be used for storing text messages (TXT records) and this is one popular method for creating huge DNS entries.
Critical Understanding: The Planning

[Diagram: Compromised DNS Server – Huge DNS Entry – Recursive DNS Servers]

Attacker finds a number of DNS servers that are badly configured. They will answer recursive DNS queries for anyone (“open resolvers”).

It is fairly simple to find these servers on the Internet.

The more the attacker can find and use, the better for the attack.
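An added example, not from the deck, showing the two controls that separate a “badly configured” resolver from a properly configured one: only answer recursive queries for your own networks, and rate-limit responses per claimed client address. It is written as a small Python policy class and assumes a hypothetical resolver front end that calls `decide()` once per query; the networks, limits and client addresses are constructed for the demo.

```python
import ipaddress
from collections import defaultdict, deque

# Constructed allow list: the networks this resolver serves. Anything else
# asking for recursion gets REFUSED instead of an answer.
ALLOWED_RECURSION = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "10.0.0.0/8")]
RRL_LIMIT = 5        # responses allowed per client address per window (demo value)
RRL_WINDOW = 1.0     # window length in seconds (demo value)


class ResolverPolicy:
    """Decides, per query, whether a resolver should answer at all."""

    def __init__(self, allowed=ALLOWED_RECURSION, limit=RRL_LIMIT, window=RRL_WINDOW):
        self.allowed = allowed
        self.limit = limit
        self.window = window
        # client ip -> timestamps of responses already sent inside the window
        self.recent = defaultdict(deque)

    def recursion_allowed(self, client_ip):
        ip = ipaddress.ip_address(client_ip)
        return any(ip in net for net in self.allowed)

    def rate_limited(self, client_ip, now):
        """Sliding-window count of responses per claimed source address.

        The address in the query is whatever the sender put there, so in the
        reflection case it is the target. Limiting per address therefore caps
        how much the resolver can be made to send at any one target.
        """
        q = self.recent[client_ip]
        while q and now - q[0] >= self.window:
            q.popleft()
        if len(q) >= self.limit:
            return True
        q.append(now)
        return False

    def decide(self, client_ip, rd, now):
        """Return 'ANSWER', 'REFUSED' (recursion wanted by an outside client)
        or 'DROP' (per-client response limit exceeded)."""
        if rd and not self.recursion_allowed(client_ip):
            return "REFUSED"
        if self.rate_limited(client_ip, now):
            return "DROP"
        return "ANSWER"


def demo():
    """One outside client asking for recursion, one inside client bursting."""
    policy = ResolverPolicy()
    outside = [policy.decide("203.0.113.9", rd=True, now=0.0)]
    inside = [policy.decide("192.0.2.10", rd=True, now=0.1 * i) for i in range(8)]
    return outside, inside


if __name__ == "__main__":
    print(demo())
```

The outside address is refused outright; the inside address gets five answers in the one-second window and then its sixth, seventh and eighth queries are dropped. Real resolvers implement the same two ideas as an `allow-recursion` style access list and response rate limiting.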
Critical Understanding: The Attack

Attacker queries the recursive DNS servers asking for the large DNS entry.

But he doesn’t use his own IP address. He uses the target IP address.

To be more effective he can enlist the help of several (willing or unwilling) accomplices.

To be effective the attacker needs to send

[Diagram: Compromised DNS Server – Huge DNS Entry – Recursive DNS Servers]

STEP 1
Attacker sends multiple small DNS queries to recursive DNS servers.

STEP 2
The recursive DNS servers send small queries to the compromised DNS server. The huge DNS entry is returned.

STEP 3
The recursive DNS servers send the large DNS entry to the target system each time the attacker sends a request.

STEP 3b
More attackers (distributed) means more traffic.
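The three steps above, seen from the target network's side, as an added detection example that is not part of the original slides. It runs over constructed flow records in a made-up `time src:port > dst:port proto bytes` format and looks for the pattern the steps produce: DNS responses arriving from many different resolvers at a host that never sent them a query. The thresholds are demo values.

```python
from collections import defaultdict

# Constructed flow records. 192.0.2.7 is the target from the slides' point of
# view: six resolvers send it large answers it never asked for. 192.0.2.20 is
# an ordinary client talking to its own resolver 10.0.0.53.
FLOWS = """\
10:00:01 198.51.100.11:53 > 192.0.2.7:51234 UDP 3200
10:00:01 198.51.100.12:53 > 192.0.2.7:51234 UDP 3200
10:00:01 198.51.100.13:53 > 192.0.2.7:51234 UDP 3200
10:00:02 198.51.100.14:53 > 192.0.2.7:51234 UDP 3200
10:00:02 198.51.100.15:53 > 192.0.2.7:51234 UDP 3200
10:00:02 198.51.100.16:53 > 192.0.2.7:51234 UDP 3200
10:00:01 192.0.2.20:44321 > 10.0.0.53:53 UDP 62
10:00:01 10.0.0.53:53 > 192.0.2.20:44321 UDP 210
10:00:03 192.0.2.20:44322 > 10.0.0.53:53 UDP 58
10:00:03 10.0.0.53:53 > 192.0.2.20:44322 UDP 190
"""


def parse_flow(line):
    """Parse one constructed flow line into a dict."""
    ts, src, _, dst, proto, nbytes = line.split()
    sip, sport = src.rsplit(":", 1)
    dip, dport = dst.rsplit(":", 1)
    return {"ts": ts, "src": sip, "sport": int(sport), "dst": dip,
            "dport": int(dport), "proto": proto, "bytes": int(nbytes)}


def find_amplification_victims(flow_text, min_responders=3, min_ratio=10.0):
    """Flag hosts receiving far more DNS response bytes than they sent in queries.

    A normal client's responses come from one or two resolvers and are a few
    times larger than its queries. A reflection target receives answers from
    many resolvers it never queried, so bytes_in / bytes_out explodes.
    """
    sent = defaultdict(int)          # host -> bytes of queries it sent to port 53
    recv = defaultdict(int)          # host -> bytes of responses it got from port 53
    responders = defaultdict(set)    # host -> distinct resolvers that answered it
    for line in flow_text.splitlines():
        if not line.strip():
            continue
        f = parse_flow(line)
        if f["proto"] != "UDP":
            continue
        if f["dport"] == 53:
            sent[f["src"]] += f["bytes"]
        if f["sport"] == 53:
            recv[f["dst"]] += f["bytes"]
            responders[f["dst"]].add(f["src"])
    alerts = []
    for host, rbytes in recv.items():
        ratio = rbytes / max(sent[host], 1)
        if len(responders[host]) >= min_responders and ratio >= min_ratio:
            alerts.append({"host": host, "responders": len(responders[host]),
                           "bytes_in": rbytes, "bytes_out": sent[host],
                           "ratio": round(ratio, 1)})
    return alerts


if __name__ == "__main__":
    for a in find_amplification_victims(FLOWS):
        print(a)
```

The same per-host bookkeeping works on real NetFlow or firewall logs once the parser is swapped; the key signal is unsolicited responses, not response size alone, because a busy legitimate client also receives large answers, but only from resolvers it actually queried.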
Critical Understanding: Why?

For each small DNS request that the attacker performs, a huge response is sent to the target network.

This ends up being a very effective way to block up a network with very little impact on the attacker’s own network.

The DNS servers are actually working quite normally. They are receiving requests and sending responses. They don’t know that they are sending them
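To put a number on “a small request, a huge response”, an added example that is not from the deck: it builds a minimal DNS TXT query and the matching response in wire format, using only the standard library, and reports their sizes. The name, transaction id and TXT contents are constructed; the EDNS0 buffer size of 4096 bytes is a typical value assumed for the demo. Nothing is sent anywhere, the point is the byte count.

```python
import struct

QTYPE_TXT = 16
QCLASS_IN = 1
QTYPE_OPT = 41


def encode_name(name):
    """DNS wire encoding: length-prefixed labels terminated by a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def opt_record(udp_size):
    """EDNS0 OPT pseudo-record: root name, type 41, the 'class' field carries
    the UDP payload size the sender can accept, TTL 0, no rdata."""
    return b"\x00" + struct.pack("!HHIH", QTYPE_OPT, udp_size, 0, 0)


def build_query(name, qtype=QTYPE_TXT, txid=0x1234, edns_size=4096):
    """Header (id, flags with RD set, 1 question, 0 answers, 0 authority,
    1 additional for OPT) + question + OPT."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1)
    question = encode_name(name) + struct.pack("!HH", qtype, QCLASS_IN)
    return header + question + opt_record(edns_size)


def build_txt_response(query, txt_strings, edns_size=4096):
    """Answer the query with one TXT record made of the given strings.

    Each TXT string is at most 255 bytes on the wire; a record carries many of
    them. The answer's owner name is a compression pointer to the question
    name at offset 12, as real servers do.
    """
    for s in txt_strings:
        assert len(s) <= 255, "TXT strings are limited to 255 bytes each"
    txid = struct.unpack("!H", query[:2])[0]
    qname_end = query.index(b"\x00", 12) + 1       # end of the question name
    question = query[12:qname_end + 4]             # name + qtype + qclass
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 1)   # QR, RD, RA set
    rdata = b"".join(bytes([len(s)]) + s for s in txt_strings)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_TXT, QCLASS_IN, 300, len(rdata)) + rdata
    return header + question + answer + opt_record(edns_size)


def amplification_factor(name, txt_strings):
    """Return (query bytes, response bytes, response/query ratio)."""
    q = build_query(name)
    r = build_txt_response(q, txt_strings)
    return len(q), len(r), round(len(r) / len(q), 1)


if __name__ == "__main__":
    # Constructed "huge entry": twelve 255-byte TXT strings in one record.
    print(amplification_factor("big.example.com.au", [b"x" * 255] * 12))
```

For the constructed record the query is 47 bytes and the response 3131 bytes, a factor of about 67, which is why the slides call the technique so cheap for the attacker. A response that large only fits in one UDP datagram because the query advertises a 4096-byte EDNS0 buffer; without EDNS0 the server would truncate at 512 bytes and set the TC bit. That is also why response rate limiting and keeping oversized records off resolvers reachable from the Internet directly reduce the factor.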
Image License

All pictures are distributed either under Creative Commons license or “stock exchange default license” so they may be redistributed.

Image Sources:
Crowd photo by James Cridland on Flickr
http://www.sxc.hu/photo/182229
http://www.sxc.hu/photo/211248
http://openiconlibrary.sourceforge.net

License

Feel free to redistribute this document and make changes but please credit me, Allen Baranov, with the original.

Attribution-ShareAlike 3.0 Unported (CC BY-SA 3.0)
