Inscrivez-vous maintenant pour un meilleur devis personnalisé!

Nouvelles chaudes

Researchers disclose vulnerability in DNS resolver software

Le 06 mai 2023 Hi-network.com

Researchers at SIDN Labs (the registry for the .nl country-code top level domain (ccTLD)), InternetNZ (the registry for .nz), the Information Science Institute, and the University of Southern California have disclosed a vulnerability in domain name system (DNS) resolver software. Named tsuNAME, the vulnerability can be weaponised to carry out distributed denial of service (DDoS) attacks against authoritative DNS servers. A tsuNAME-related event was observed in 2020 at the .nz authoritative servers, where two domains were misconfigured with cyclic dependencies, causing the total traffic to grow by 50%. It was also found that EU-based ccTLDs experienced a ten times traffic growth due to cyclic dependent misconfigurations. The vulnerability was initially disclosed to vendors and operators, before being made public; in the meantime, Google Public DNS and Cisco OpenDNS -two major public resolver DNS providers -have fixed the vulnerability in their software. More details about tsuNAME are available in the technical report and the security advisory for operators and developers of DNS software.

tag-icon Tags chauds: Sécurité des réseaux Ressources internet critiques

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.
Our company's operations and information are independent of the manufacturers' positions, nor a part of any listed trademarks company.