REDWOOD CITY, CA — (Marketwired) — 07/25/13 — Internet Systems Consortium (ISC) announces that the RRL module, currently the most effective defense against the use of DNS in Distributed Denial of Service attacks, is now part of the upcoming BIND release.
A DNS DDoS attack works by forging queries that look like they came from the victim-s server, making it appear to be requesting a high volume of information. RRL enables server administrators to limit the rate at which their server will send replies to forged queries, thereby preventing it from contributing to the attack. The frequency of DNS DDoS attacks has been increasing, rising by 20% in Q2 of 2013. In an average attack 50 million packets per second are beamed at the victim. As attacks increase, RRL is the best defense available.
“Our users have been asking for RRL to be incorporated into BIND,” said Kannan Ayyar, President of Internet Systems Consortium, “and we recognize the important role it plays in DDoS mitigation. With DDoS attacks increasing in both number and severity, we felt it was important to integrate RRL into a supported release.”
“We have been testing RRL in limited release, and are now confident that it is ready for general use in BIND installations,” said Scot Mann, ISC-s VP of Engineering. “Third-party additions like RRL are possible because BIND is open source software. Now that it is fully implemented, we look forward to enhancing and building on RRL in future releases.”
For more information on RRL, visit the ISC Knowledgebase at , or sign up for a webinar listed at .
Commercial support for BIND and additional RRL functionality is available to DNSco subscription customers; see .
Internet Systems Consortium (ISC) is a 501(c)3 public benefit corporation widely known for world-class Internet software engineering and network operations. Founded in 1994 under an initial grant from UUNET, ISC is governed today by a 5-member Board of Directors. ISC software, of which BIND and ISC DHCP are the two best-known examples, is open source. Our passion is Internet core technology. Our widely-imitated Managed Open Source process ensures the quality of our software while keeping it completely open and available. ISC operates high-reliability global networks of DNS root servers (F-root) and authoritative DNS servers both for non-profit and commercial enterprises. ISC is actively involved in Internet protocol and standards development, particularly in the areas of DNSSEC and IPv6. ISC is supported by donations from generous sponsors, by program membership fees, and by increasing revenues from for-profit subsidiaries. For further information, please visit .
DNSco, an ISC company, combines a business view and full-service solution with ISC-s world-renowned technical excellence. DNSco-s products are subscriptions for major ISC software titles, training and consulting for the technologies involved, subscriber-only enhancements to the software, and software support related to their operation as well as advance notifications of security vulnerabilities. In addition DNSco releases various closed-source software products, tools and services. For more information see .
Brian Reid
+1 650 423 1327
You must be logged in to post a comment Login