Last Updated on November 3, 2025 by Dave Farquhar
A Dutch ISP that acts as a spam haven is DDOSing Spamhaus, and they’re using DNS to do it. The attack is using spoofed DNS queries to create, basically, a smurf-like attack. And the sheer volume of traffic is likely to affect the Internet as a whole.
That might explain why my recruiters were complaining that it was taking forever to look up job postings today. (Yes, I can publicly admit that I’m talking to recruiters. That’s another story.)
But basically, if you run a DNS server, you need to check your configuration to keep lowlives from using your DNS as a weapon. Here is a useful page for those of you running BIND, the one of the most popular DNS servers.
This was the most common type of attack in 2012; it looks like some people are trying to up the ante in 2013. We can make it stop, but every sysadmin running a DNS server is going to have to pitch in to help.
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.