by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : March 2013
[BrieFing] 8 GCN MARCH 2013 • GCN.COM NEWS ANALYSIS With the number of denial of service (DOS) attacks growing, several tech- niques are being used to take advantage of the Domain Name System's openness to attack DNS servers and targets that do not maintain a DNS server. Radware's Global Application & Network Security Report describes four types of attacks targeting or using DNS: BASIC DNS FLOOD Much like a brute-force DOS attack against any server, basic DNS ood at- tacks use high volumes of traf c to over- power a DNS server. They can employ User Datagram Protocol (UDP) packets, which are accepted by DNS servers and do not require a connection, making it easy to spoof the IP address and hide the identity of the attacking computers. REFLECTIVE DNS ATTACK This technique manipulates DNS servers into directing attack traf c at a target using spoofed IP addresses. Requests are sent to a third-party DNS server us- ing the address of the intended target. Replies are then sent to the target server, which can be overwhelmed by the volume of DNS traf c. The traf c volume is increased because a DNS reply typi- cally is three to 10 times larger than the request. The attacker remains hidden behind the DNS servers sending replies to the target. RECURSIVE DNS ATTACK This attack, which Radware calls the most sophisticated and asymmetric, uses the hierarchical nature of DNS. When a recursive DNS server receives a request to resolve a domain name that it does not have cached, it sends out que- ries to other DNS servers, hoping for an answer that can be returned. By sending multiple recursive requests for domain names not cached by the target, an at- tacker can force that server to send out many requests of its own and wait for responses, quickly using up processing power, memory and bandwidth. Because of the low amount of traf c needed to generate a recursive attack, it often can y under the radar of defenses that are tuned to high volumes of traf c. GARBAGE DNS ATTACK As the name implies, this is a volume- based attack using large UDP packets to overwhelm network pipes. Because availability on the Internet requires DNS, organizations will not block the targeted DNS port at the router level, opening a clear shot for a distributed DOS attack. • Know the 4 denial of service types that can threaten your Domain Name System servers BY WILLIAM JACKSON Among public-sector organiza- tions, the federal government is leading the charge to the cloud, as might be expected consid- ering the O ce of Manage- ment and Budget's Cloud First mandate. But state and local government and higher educa- tion organizations are moving to the cloud, too. What are they using the cloud for most often? CDW recently surveyed 1,242 IT professionals across the public and private sectors for its 2013 State of the Cloud Report. And although there is some overlap among the three sectors, there are also some di erences in usage. From the CDW report, here are the three most common services and applications each of the three sectors --- federal, state and local and higher ed --- are taking to the cloud. The percent- ages indicate the rate of adop- tion among agencies that have migrated or are migrating those services to the cloud. --- Kevin McCaney Top services or applications moving to the cloud Source: CDW 2013 State of the Cloud Report 0% 40% Federal State and local Higher education Conferencing and collaboration Messaging Of ce and productivity suites Storage Conferencing and collaboration Messaging/business process apps/compute power Storage Messaging/conference and collaboration Compute power 39% 37% 33% 19% 17% 15% 31% 29% 25%