On many occasions, vulnerabilities arise that can be exploited by hackers to launch their attacks. Very varied failures that affect all types of devices and systems. In this case we echo a new error that allows DDoS attacks to be carried out through DNS servers. This bug has been named TsuNAME . We will explain how it affects users.
TsuNAME, a new problem for DNS servers
DNS servers are essential for the day to day of our Internet connections. They act as translators when entering a web page. We simply have to put the domain name (for example this article) and it automatically translates that information to the corresponding IP address. This way we avoid having to remember a large number of numbers.
Now a group of security researchers has found a vulnerability called TsuNAME. An attacker could exploit it and carry out denial of service attacks that target authoritative DNS servers .
It should be noted that authorized DNS servers are generally managed by government and private organizations. This includes ISPs and large tech companies located around the world.
In case an attacker exploits the TsuNAME vulnerability , what they do is target those DNS servers and carry out a huge number of requests. They basically seek to saturate them, cause a denial of service. Servers that are vulnerable to this threat will send requests non-stop, which could lead to complications in responding to legitimate users.
According to the security researchers behind this discovery, the possible impact of this type of attack can be the elimination of DNS servers and leave many users without being able to access the Internet. It could even affect a country code top-level domain .
One point that makes this bug very dangerous is that it can be exploited to carry out DDoS attacks against critical DNS infrastructure such as large TLDs or ccTLDs. However, many of the popular DNS resolvers are not affected by this vulnerability.
Mitigations for TsuNAME available
Fortunately, it should be noted that mitigations are already available for this vulnerability that affects authorized DNS servers. They require changes to the software, and the researchers say they can use CycleHunter , an open source tool that helps avoid this problem by detecting bugs.
So far they have detected more than 1,400 domain names that could be vulnerable to this problem. Therefore, once again the importance of correcting vulnerabilities of this type that may arise is demonstrated. There are many security flaws that in one way or another can put our equipment at risk and compromise its proper functioning. We must always install all patches and firmware updates that are available. It is important to prevent the entry of malware that affects computers and servers.
Ultimately, a new security flaw called TsuNAME puts authorized DNS servers at risk. This could affect many web pages, but luckily there is already a possible mitigation to fix the problem.