NeuStar's UltraDNS hit by DDoS attack
Managed provider struggles with bad traffic.
By Carolyn Duffy Marsan, Network World (US) | Published: 15:39, 01 April 2009
NeuStar confirmed that its UltraDNS managed DNS service was knocked offline for several hours on Tuesday morning by a distributed denial of service attack.
"Early this morning, our monitoring systems detected a significant denial of service attack, which affected a small subset of our customers, in some cases for as long as a few hours,'' the company said in a statement. "While we continue to investigate the cause, the extent, and the duration of the attack, service was completely restored by 10 a.m. EST.''
NeuStar is a leading provider of high-availability DNS services to e-retailers including J.Jill and Diamond.com as well as high-tech companies such as Oracle and Juniper.
Related Articles on Techworld
Competitor Dynamic Network Services blogged about the UltraDNS outage earlier today, asserting that it affected Amazon.com, SalesForce.com, advertising.com and Petco.com.
"We saw some funkiness starting over in Europe, and we were seeing that resolution for Amazon.com was failing,'' says Dynamic Network Services CEO Jeremy Hitchcock. "It looks like a pretty large outage that was affecting UltraDNS customers. It started this morning around 8 a.m, and for a two-hour period traffic was very significantly affected. Now it looks like things have settled down.''
Hitchcock said his company's Dynect Platform monitoring system saw heavy packet loss on UltraDNS name servers, with as much as 50 percent to 70 percent of responses being dropped.
"It's a pretty significant event to have that kind of wide-scale disruption,'' Hitchcock added.
NeuStar is a leading provider of Internet infrastructure services. In addition to providing its UltraDNS suite of managed DNS services, NeuStar is the registry for the .biz and .us domains, and it provides telephone number look-up services for carriers in North America.
NeuStar has been a leader in the push to deploy security extensions to the DNS infrastructure through an emerging standard dubbed DNSSEC.
However, DNSSEC doesn't address the problem of denial of service attacks. Instead, DNSSEC prevents hackers from hijacking web traffic and redirecting it to bogus sites. Denial of service attacks, on the other hand, occur when a hacker disables a website by flooding it with bogus requests usually sent from a bot network.