topic DNS NXNAattack bug in Industry News https://community.isc2.org/t5/Industry-News/DNS-NXNAattack-bug/m-p/35858#M4526 <P>Hi All</P><P>&nbsp;</P><P>Another attack on poor old DNS:&nbsp; It is hard to believe in this technological world, we remain reliant on this insecure service.</P><P>&nbsp;</P><P>"Dubbed NXNSAttack, <A href="http://www.nxnsattack.com/shafir2020-nxnsattack-paper.pdf" target="_blank" rel="nofollow noopener">the flaw</A> [PDF] can be abused to pull off a classic amplification attack: you send a small amount of specially crafted data to a DNS server, which responds by sending a lot of data to a victim's server. If you have an army of hacked PCs or devices – a botnet – at your command, and can find a DNS service that's vulnerable, you can theoretically generate enough network traffic to overwhelm a victim's system and knock it offline for all users."</P><P>&nbsp;</P><P><A href="https://www.theregister.co.uk/2020/05/21/nxnaattack_bug_disclosed/" target="_blank">https://www.theregister.co.uk/2020/05/21/nxnaattack_bug_disclosed/</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_cautim</P> Thu, 21 May 2020 22:08:14 GMT Caute_cautim 2020-05-21T22:08:14Z DNS NXNAattack bug https://community.isc2.org/t5/Industry-News/DNS-NXNAattack-bug/m-p/35858#M4526 <P>Hi All</P><P>&nbsp;</P><P>Another attack on poor old DNS:&nbsp; It is hard to believe in this technological world, we remain reliant on this insecure service.</P><P>&nbsp;</P><P>"Dubbed NXNSAttack, <A href="http://www.nxnsattack.com/shafir2020-nxnsattack-paper.pdf" target="_blank" rel="nofollow noopener">the flaw</A> [PDF] can be abused to pull off a classic amplification attack: you send a small amount of specially crafted data to a DNS server, which responds by sending a lot of data to a victim's server. If you have an army of hacked PCs or devices – a botnet – at your command, and can find a DNS service that's vulnerable, you can theoretically generate enough network traffic to overwhelm a victim's system and knock it offline for all users."</P><P>&nbsp;</P><P><A href="https://www.theregister.co.uk/2020/05/21/nxnaattack_bug_disclosed/" target="_blank">https://www.theregister.co.uk/2020/05/21/nxnaattack_bug_disclosed/</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_cautim</P> Thu, 21 May 2020 22:08:14 GMT https://community.isc2.org/t5/Industry-News/DNS-NXNAattack-bug/m-p/35858#M4526 Caute_cautim 2020-05-21T22:08:14Z