Google servers attack two Cesidian Root servers


Attacks against root and TLD name servers are variants of what security experts call a DNS DDoS amplification attack (PDF). The attack targets a specific service, the DNS, and attempts to prevent or deny access to that service. A denial-of-service (DoS) is an attack whose objective is to exhaust the resources of a target host (memory, processing capabilities, or Internet bandwidth). The target can be an individual host, such as a DNS name server, or an entire name server infrastructure of a country-specific or generic TLD (eu, ru, com, net, org, etc).

Distributed denial-of-service (DDoS) attacks have scaled up in 2013, according to Arbor Networks' latest Infrastructure Security Report (PDF). A survey of operational security professionals reports that DDoS attacks are the number one threat against their infrastructure.

The problem is compounded by the increase in DNS amplification attacks. These attacks seriously disrupt name resolution service by directing an overwhelming amount of traffic at the communications links that name server operators use to provide service. The targets for such attacks are not limited to root and TLD name servers.

On 12 March 2014, Google servers started performing DDoS attacks in the form of DNS amplification attacks against two of the Cesidian Root's DNS servers. These attacks ended two days later after blocking the responsible IP ranges from Google.

The Hon. Kai Kellner, the UMMOA Minister of Information Technology and Infrastructure, and also the Cesidian Root's Master Root Officer, recently got notice from other Admins who have open resolvers like the Cesidian Root (CRt). Well, they stated that Google is attacking their DNS servers with the same amplification attacks that we have witnessed. So the Hon. Keller has come to the conclusion that Google is doing this intentionally.


Google servers attacked two of our servers
http://www.cesidianroot.eu/news.html

DDoS attacks rise as companies fail to address DNS security
http://www.zdnet.com/ddos-attacks-rise-as-companies-fail-to-address-dns-security-7000025712/

DDoS Attack! Is Regulation The Answer?
http://www.informationweek.com/security/attacks-and-breaches/ddos-attack!-is-regulation-the-answer/d/d-id/1114050

The Worrisome Threat of DNS DDoS Amplification Attacks
http://securityskeptic.typepad.com/the-security-skeptic/the-worrisome-threat-of-dns-ddos-amplification-attacks.html

DNS Amplification Attacks
https://www.us-cert.gov/ncas/alerts/TA13-088A

How to Launch a 65Gbps DDoS, and How to Stop One
http://blog.cloudflare.com/65gbps-ddos-no-problem

Deep Inside a DNS Amplification DDoS Attack
http://blog.cloudflare.com/deep-inside-a-dns-amplification-ddos-attack

DNSSEC and DNS Amplification Attacks
http://technet.microsoft.com/en-us/security/hh972393.aspx

How to defend against amplification attacks
http://www.information-age.com/technology/security/123457736/how-defend-against-amplification-attacks
HMRD Cesidio Tallini [1, 2]
UMMOA Today