Tag Archives: DDoS

Juniper fixes router DoS vulnerability

0
Posted by Tech Paranoia on January 8, 2010 – 10:00 am
Filed under Firewalls, Patches
Tagged as , ,

Networking supplier Juniper has released an update to fix a DoS vulnerability in its routers. The vulnerability can reportedly be exploited to force a router reboot using specially crafted TCP packets. For a successful attack, the packet must include a specific combination of TPC options and must be addressed to a service that is running on the router. However, the first TCP packet sent apparently already triggers the flaw. A full 3-way handshake is not required. Transient packages which are only being forwarded don’t cause the router to crash and reboot.

Since Juniper only makes advisories available to its customers and partners, no further details have officially become available. The independent “Praetorian Prefect” blog, however, offers information about the vulnerable versions. According to the blog, routers running JUNOS 9.x, 8.x or 7.x with a release date before the 28th of January 2009 are vulnerable. While versions 3.x, 4.x, 5.x and 6.x are also thought to be affected, these versions are no longer officially supported by the vendor.

No fully functional workaround apart from installing the update is said to be available – simply filtering TCP packets via the firewall is reportedly insufficient. Juniper recommends that customers implement anti-spoofing measures to detect packets with a bogus sender address. Various ISPs reportedly already updated their core routers at the beginning of January.

Source: H Online

DDoS Attack Takes Down Amazon, Wal-Mart

0
Posted by Tech Paranoia on December 24, 2009 – 12:08 pm
Filed under Hacks
Tagged as

If you’ve been doing some last-minute Amazon holiday shopping on Wednesday evening, you’ve probably noticed that Amazon’s website was sluggish and, at times, completely down. The same fate greeted Wal-Mart, Expedia and a number of smaller sites. The reason? A severe DDoS (Distributed Denial of Service) attack on the servers of Neustar, the company that offers DNS services to many major companies under the name UltraDNS.

The attack that started at 4:45 p.m. PST and lasted for about an hour, but it was quite severe, especially because it also affected Amazon’s S3 and EC2 services (upon which many other web services rely), as tweeted by Amazon’s lead Web Evangelist, Jeff Barr. Currently, Amazon’s Service Health Dashboard shows that their services are working normally.

Luckily, Neustar managed to quickly mitigate the attack and contain it to the area of Northern California. According to Allen Goldberg, vice president of corporate communications for Neustar, the company reacted to the attack within minutes. The source of the attack is currently unknown.

Source: Mashable

DNS Problem Linked to DDoS Attacks Gets Worse

0
Posted by Tech Paranoia on November 16, 2009 – 10:30 am
Filed under Security
Tagged as ,

Internet security experts say that misconfigured DSL and cable modems are worsening a well-known problem with the Internet’s DNS (domain name system), making it easier for hackers to launch distributed denial-of-service (DDoS) attacks against their victims.

More at: PC World