Results for dns

Business and Technology

FortiDDoS Launches Support for FortiGuard Domain Reputation Service for IoT and Botnet Based DDoS Attack Mitigation

The FortiGuard Domain Reputation Service License for FortiDDoS is yet further ammunition to use against the growing threat of the IoT and botnet attacks, which are easier than ever to launch due to proliferation of open source code for such attacks, and growing availability of vulnerable devices.

By Hemant Jain September 06, 2017

Threat Research

Internet In Danger: Analysis of ISC Bind Patch (part 2)

In this second part article, we analyze two recent vulnerabilities in ISC BIND identified as CVE-2016-1286 and CVE-2016-2088. Based on advisories, these bugs can be triggered using a malformed DNAME record (CVE-2016-1286) or an OPT COOKIE records (CVE-2016-2088). These two bugs share the same attack scenario that can only be triggered when a BIND server makes a request and then receives a malformed response. Based on this requirement, recursive servers are at highest risk to this attack, because it’s not straightforward to ask an authoritative-only...

By Amir Zali April 01, 2016

Threat Research

Internet In Danger: Analysis of ISC Bind Patch (part 1)

The Internet Systems Consortium just released a couple of days ago a new patch (version 9.10.3-P4) to fix some issues in the most popular DNS server software in the world. The release note is available at https://kb.isc.org/article/AA-01363/81/BIND-9.10.3-P4-Release-Notes.html In this series of two articles, we will detail our investigation of these vulnerabilities and how we were able to protect our customers by deploying widely our detection. ISC released a patch for the BIND rndc control channel DoS vulnerability (CVE-2016-1285)....

By Dehui Yin March 29, 2016

Threat Research

Internet Kill Switch Found?

Last week, the Internet Systems Consortium (ISC) released a critical update to its popular software, BIND. BIND is almost everywhere on the Internet, acting as a DNS name server. DNS is a network service used to translate human-readable domain names to numeric identifiers called IP addresses and vice-versa. The update was in response to a recently discovered DoS vulnerability (CVE-2015-5477), which can be exploited to take down the vulnerable BIND server remotely. ISC released an urgent patch for this vulnerability due to its severity. Only...

By Dehui Yin August 12, 2015