|
My network has been hit with 35 spoofed DNS queries per second for the past 25 hours (that's over 3 million packets so far...)
The idea is that the attacker sends out relatively small DNS queries that servers will respond to with a much larger reply. A 70 byte query might send out a 3000 byte reply. Multiply that by a few hundred or thousand queries per second ricocheted off various innocent networks such as mine and you have some serious DDoS happening.
Anyway, the point of all this: the spoofed source IPs point to the c class of the host of thepiratebay.org. Someone isn't happy that they're back up.
|