A shattering new form of the "denial-of-service" computer attack could be on the rise, according to a company that controls some of the internet's core infrastructure.
In a conventional DoS attack, computers are used to send an overwhelming amount of data to a target machine, disguised as legitimate network traffic. This barrage prevents genuine messages from reaching the target and can even cause its servers to crash. Such attacks are sometimes used to extort money from commercial websites that depend on being online to operate.
The new DoS variant hijacks a key part of the internet's address system – the Domain Name System – to amplify an attack and make it harder to defeat. DNS servers act as a directory service for internet users, so their data requests are routed to the correct destination.
To initiate the new type of attack, a message is sent to a DNS server with a forged return address, matching that of the target computer. The DNS server processes this as a valid request and "returns" the results to the target.
The return contain much more information than the initial request, meaning a few thousand forged messages can result in gigabytes of information being sent to the target. In this way the torrent of data the target computer has to deal with is much greater than if it had been attacked directly.
More at source
News Source:
www.newscientist.com