Academic institutions urged to improve network and DNS configurations
Posted on 10 May 2013.
The Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) has issued an alert to IT security staff, and network and DNS administrators urging them to improve their network and DNS configurations to prevent their institution from being an unwitting partner in DoS attacks.

"These attacks may exploit thousands of institutional DNS servers to create an avalanche of network traffic aimed at a third-party victim. The traffic sourced by any single institutional system may be small enough to go unnoticed at the institution; however, the aggregate experienced at the target can be crippling," writes Doug Pearson, Technical Director at REN-ISAC.

"A recent attack generated over 300 gigabits per second of traffic aimed at the victim organization. To put that in context, most universities and organizations connect to the Internet at 1 Gbps or less. In this incident not only was the intended victim crippled, Internet service providers and security service providers attempting to mitigate the attack were adversely affected. Given history and the success of recent attacks, we expect that attacks will rise in frequency and magnitude in the months ahead."

The alert includes a series of recommended steps for the administrators to take, as well as a number of related good practices.

"Open recursive resolvers, authoritative DNS severs (especially when zones are DNSSEC signed), and networks that do not prevent source address spoofing create an environment on the Internet where DNS amplification DDoS attacks of great magnitude can be achieved," he pointed out.

"Too many higher education institutions contribute to this known and avoidable problem."


Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Tue, Sep 30th