Intrusion Prevention

DNS.BailiWicked.Domain.Attack

Description

This indicates detection of an attempt to exploit a common vulnerability in DNS servers.
The attack is launched through multiple DNS query requests occurring in a short period of time. Detection occurs when an attacker attempts a brute force attack at a rate of about 300 times in 10 seconds.

Affected Products

Windows DNS Clients and Servers
ISC BIND 8 and 9

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor supplied patches for this issue.

CVE References

CVE-2008-1447