SIDN Labs closes dns – tsunaME vulnerability – computer – news

SIDN Labs, along with other parties, described the vulnerability of DNS, which could be used to exploit solutions for DDOS attacks. Researchers have come up with a solution for the tsunami.

TsuNAME occurs According to researchers For incorrect configuration with troubleshooting solutions Rotation dependence In other words, reciprocity can occur. In their report, the researchers give an example of a solution Name ServerData with example.org See cat.example.With For example.With for mouse.example.org. In that case, the solution servers will not be able to retrieve the IP addresses from the name server information.

In some situations, incorrect configuration will cause a flood of queries because solutions will send DNS queries back and forth between the two domains. A cross-configuration error in early 2020 caused New Zealand’s top-level domain authentication servers to handle more than 50 million traffic, with 800 million to 1.2 billion daily queries. All additional questions related to two domains incorrectly configured. Uses the DNS cache to upload the authentication servers, but if the solution name does not save the server information, it often contacts the servers.

An attacker can use this vulnerability to cause DDOS attacks. Older solutions are particularly vulnerable, but Google’s public DNS solution has become a source of repeated queries. Google fixed the issue and Cisco did this with OpenTNS. Debugging is the process of adding code to bugfixes Rotation dependence Find and put an end to it Queries. Administrators can use open source software Cyclist Check for reciprocal dependencies. The impact was explored Door SIDN Labs, In collaboration with InternetNZ and the USC Institute for Information Sciences. They have a specialty Tsunami-page Set up with more details.