Global Root Server System DDoS Attack

Global Root Server System Stands Firm Against DDoS Attack, Overnight attempts to disrupt global computer traffic were foiled in part thanks to the RIPE NCC managed K-root server.

A Distributed Denial of Service (DDoS) attack appeared to target at least five of the thirteen root name servers early Tuesday morning, according to the RIPE NCC’s preliminary analysis. The attacks caused two of the root name servers to stop responding to up to 90% of queries. However, the other root name servers, including the RIPE NCC managed K-root, kept the Internet working during this time.

The Internet relies on thirteen root name servers deployed globally to manage traffic between computers connected to the Internet. They are referred to by letters of the alphabet running from A to M. Together the root name servers help to translate human readable names (like www.ripe.net) to network addresses which are used to route Internet traffic all over the world. To ensure stability, no one organisation controls the thirteen root name servers. In addition, each root name server can run across hundreds of machines worldwide, ensuring further resilience of the root name server system. It is a tribute to the robust nature of this system that Tuesday’s DDoS attack passed largely unnoticed by the average computer user while experts worked to deal with processing the flood of data caused by the attack.

Following earlier DDoS attacks on root name servers in October 2002, the RIPE NCC has improved the reliability of the root name server system by installing mirror instances of the K-root server. RIPE NCC engineers have deployed mirror instances of the K-root server in fifteen locations worldwide.

"I am glad that we have invested in distributing the K-root name server to locations all over the world," said Daniel Karrenberg, Chief Scientist at the RIPE NCC. "This makes the service we provide more resilient against this sort of attack. The good thing about yesterday's attack is that it got noticed only because of our public monitoring and not because Internet users felt any of it."

More information:

The RIPE NCC’s DNS Monitoring Services (dnsmon.ripe.net/) provides a comprehensive, objective and up-to-date overview on the quality of service of the root name servers.

Useful background can be found in the briefings below, which were written by the RIPE NCC’s Chief Scientist, Daniel Karrenberg:

- DNS Root Name Servers Explained For Non-Experts isoc.org/briefings/019/
- DNS Root Name Server Frequently Asked Questions isoc.org/briefings/020/
- The Internet Domain Name System Explained for Non-Experts isoc.org/briefings/016/

February 7, 2007; 05:14 AM Amsterdam - Press Release by DomainInformer.com

Technorati Tags: Global Root Server System and DDoS Attack or RIPE NCC and K-root server or Distributed Denial of Service attack and root name servers or Daniel Karrenberg and Internet or PODCAST and DNS Root Name Servers