Skip to content

Current DNS Security Solutions Won’t Protect You!

January 8, 2015 | EfficientIP

Get the latest news, invites to events, and much more

Current DNS Filtering Security Solutions Won’t Protect You!

Reading, UK, January 8th, 2015: On Dec 22nd, Rackspace stated on their official Google+ page that their DNS suffered a DDoS attack on 3 of their data centers. Their services were restored after 12 hours. When they discovered the attack they tried to mitigate it by blocking inbound traffic. Most of the time the blocking mechanism is done through filtering of DNS queries; unfortunately, it is very difficult and almost impossible to filter legitimate versus non-legitimate traffic.

The impact of filtering can result in the blocking of legitimate traffic. Rackspace said that “In order to stabilize the issue, our teams placed the impacted DNS infrastructure behind mitigation services. This service is designed to protect our infrastructure, however, due to the nature of the event, a portion of legitimate traffic to our DNS infrastructure may be inadvertently blocked. Our teams are actively working to mitigate the attack and provide service stability.”

They added later on that, “After blocking the majority of the inbound DDoS attack earlier in the morning some DNS servers that were sending both legitimate and DDoS traffic to Rackspace were blacklisted.” The filtering protection mechanism can even become a driving mechanism used by hackers at the expense of the customer it is supposed to protect. To avoid the risk of «false positive», the filtering system should be able to start analyzing at the DNS transaction level over some time to rebuild all DNS messages (queries, responses, fragments, recursions) and resolutions requested by customers. The system should store, index, and analyze very large amounts of data while answering simultaneously legitimate traffic, all without causing additional latency in time.

With existing solutions, it is almost impossible to achieve and the unfortunate events that Rackspace experienced prove this. Read More

Simplify & Secure Your Network

When our goal is to help companies face the challenges of modern infrastructures and digital transformation, actions speak louder than words.