The IT Law Wiki

Fast flux service network

32,080pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Fast flux service network is an

online attack . . . where public Domain Name System (DNS) records are rapidly changed by botnets, in some cases every three to five minutes or less, in order to hide phishing and malware delivery websites, child exploitation sites, and other websites that cannot be readily hosted at a conventional provider.[1]

Overview Edit

"The basic idea behind fast flux is to have numerous compromised computers associated with a single fully qualified domain name, and changing the DNS records with extremely high frequency (every few minutes), effectively swapping which hosts are associated with that domain name. This use of a constantly changing set of hosts makes it much more difficult to take down these illegal websites; as you find and report three or four "botted" hosts, another three or four are rotated into place, replacing the ones being tracked by the security community with a brand new batch."[2]

References Edit

  1. Best Practices to Address Online and Mobile Threats, at 5.
  2. Id.

Also on Fandom

Random Wiki