TsuNAME: New DNS Bug could be used to DDoS Authoritative DNS Servers
Security researchers have disclosed a new vulnerability in the domain name system (DNS) that attackers could exploit to mount large-scale denial-of-service attacks on authoritative DNS servers. The bug, dubbed TsuNAME, was discovered by researchers from SIDN Labs and InternetNZ. It amounts to a DDoS amplification vector against authoritative DNS servers: vulnerable resolvers that stumble on a misconfigured domain generate far more query traffic than the attacker has to send.
Authoritative DNS servers hold the records that map domain names such as www.google.com to IP addresses such as 64.233.160.0; recursive resolvers, such as those run by ISPs and public DNS services, query them on behalf of clients and cache the answers. Keeping the distinction between an authoritative and a recursive DNS server in mind is necessary to put the vulnerability and its impact in context.
Authoritative DNS servers are typically operated by government and private-sector organisations, including ISPs and global tech giants. An attacker exploiting TsuNAME targets vulnerable recursive resolvers and uses them to overwhelm authoritative servers with large numbers of DNS queries.
“Resolvers vulnerable to TsuNAME will send non-stop queries to authoritative servers that have cyclic dependent records,” the researchers explain in their security advisory.
“While one resolver is unlikely to overwhelm an authoritative server, the aggregated effect from many looping, vulnerable recursive resolvers may as well do.”
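The cyclic dependency the advisory refers to is a pair of zones whose nameservers live in each other's zone with no glue at the parent, so neither can be resolved without first resolving the other. The following Python model, added here as an illustration and not code from the article, the researchers or their CycleHunter tool, does two things: a zone-side check that walks delegation data and reports every cyclically dependent zone, and a resolver-side simulation that counts the referral queries a resolver sends to the parents' authoritative servers with and without loop detection. All zone names, NS hostnames, glue addresses and the query budget are constructed for the example; the helper `zone_of` assumes every hostname sits directly under one of the delegated zones in the table.

```python
"""Cyclic NS delegations: why a resolver can loop on them, and how to find them.

Added example, not code from the TsuNAME researchers, from SIDN Labs/InternetNZ
or from their CycleHunter tool. All zone, nameserver and address data below is
constructed for illustration (example.nl / example.nz are placeholders).
"""
from collections import Counter

# Constructed delegation data: parent zone -> {child zone: [NS hostnames]}.
# example.nl's nameservers live under example.nz and vice versa, and neither
# parent carries glue for them: the cyclic dependency the advisory describes.
# good.nl and healthy.nz are resolvable controls.
DELEGATIONS = {
    "nl": {
        "example.nl": ["ns1.example.nz", "ns2.example.nz"],
        "good.nl": ["ns1.good.nl"],
    },
    "nz": {
        "example.nz": ["ns1.example.nl", "ns2.example.nl"],
        "healthy.nz": ["ns1.good.nl"],
    },
}

# Constructed glue records: in-bailiwick NS hosts whose addresses the parent hands out.
GLUE = {"ns1.good.nl": "192.0.2.53"}


def parent_of(zone):
    """Parent zone name, e.g. example.nl -> nl (only used on delegated zones)."""
    return zone.split(".", 1)[1]


def zone_of(name):
    """Delegated zone a hostname falls under. Hypothetical helper: assumes every
    name sits directly under exactly one of the delegated zones above."""
    for children in DELEGATIONS.values():
        for zone in children:
            if name == zone or name.endswith("." + zone):
                return zone
    raise KeyError(f"no delegation covers {name}")


def _walk(zone, path):
    """Return the dependency cycle reached from zone, or None if it is resolvable."""
    if zone in path:
        return path[path.index(zone):] + [zone]
    ns_names = DELEGATIONS[parent_of(zone)][zone]
    if any(ns in GLUE for ns in ns_names):
        return None                      # a glued NS makes the zone reachable
    # No glue: the zone is resolvable only if some NS name's own zone is.
    cycles = [_walk(zone_of(ns), path + [zone]) for ns in ns_names]
    return None if any(c is None for c in cycles) else cycles[0]


def find_cycles():
    """Zone-side check an authoritative operator can run over its delegations:
    map each cyclically dependent zone to the cycle that makes it unresolvable."""
    found = {}
    for children in DELEGATIONS.values():
        for zone in children:
            cycle = _walk(zone, [])
            if cycle:
                found[zone] = cycle
    return found


def simulate_resolver(qname, loop_detection, budget=1000):
    """Model a recursive resolver chasing referrals for qname and count the
    queries it sends to each parent's authoritative servers.

    loop_detection=False mimics a TsuNAME-vulnerable resolver: it keeps
    re-entering the cycle until its query budget is spent (the budget is a
    constructed cap; a looping resolver in the field simply keeps querying).
    loop_detection=True refuses to start resolving a zone it is already
    resolving and answers SERVFAIL after a handful of queries.
    """
    sent = Counter()
    in_progress = set()
    pending = [qname]
    while pending and sum(sent.values()) < budget:
        name = pending.pop()
        zone = zone_of(name)
        if loop_detection and zone in in_progress:
            return "servfail", sent      # cycle detected: stop querying
        in_progress.add(zone)
        sent[parent_of(zone)] += 1       # one referral query to the parent's servers
        ns_names = DELEGATIONS[parent_of(zone)][zone]
        if any(ns in GLUE for ns in ns_names):
            return "resolved", sent      # glue gives an address to continue with
        pending.extend(ns_names)         # no glue: must resolve the NS names first
    return "gave up", sent


if __name__ == "__main__":
    print("cyclic zones:", find_cycles())
    for detect in (False, True):
        status, sent = simulate_resolver("www.example.nl", loop_detection=detect)
        print(f"loop_detection={detect}: {status}, queries per parent {dict(sent)}")
```

Running it reports example.nl and example.nz as cyclic, and shows the vulnerable resolver model spending its whole budget on the .nl and .nz parent servers for a single name, while the loop-detecting model gives up after two queries. The first function is the kind of check a TLD or hosting operator can run over its own delegation data before a vulnerable resolver finds the cycle; the second illustrates why the resolver-side fix is to recognise a delegation it is already working on and cache that failure rather than retry.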
[…]