| dbo:abstract |
Fast Flux ist eine von Botnetzen genutzte DNS-Technik, mit der der Standort von Webservern verschleiert werden kann. Dieses wird mit einem DNS-Server und einer Lastverteilung per DNS (Round-Robin DNS) bewältigt. Üblicherweise werden Fast-Flux-Netzwerke bei Phishing- und DoS-Attacken verwendet. (de) Fast flux is a domain name system (DNS) based evasion technique used by cyber criminals to hide phishing and malware delivery websites behind an ever-changing network of compromised hosts acting as reverse proxies to the backend botnet master—a bulletproof autonomous systems. It can also refer to the combination of peer-to-peer networking, distributed command and control, web-based load balancing and proxy redirection used to make malware networks more resistant to discovery and counter-measures. The fundamental idea behind fast-flux is to have numerous IP addresses associated with a single fully qualified domain name, where the IP addresses are swapped in and out with extremely high frequency, through changing DNS resource records, thus the authoritative name servers of the said fast-fluxing domain name is—in most cases—hosted by the criminal actor. Depending on the configuration and complexity of the infrastructure, fast-fluxing is generally classified into single, double, and domain fast-flux networks. Fast-fluxing remains an intricate problem in network security and current countermeasures remain ineffective. (en) Le fast flux est une technique utilisée pour dissimuler des sites d'hameçonnage (phishing) et de disséminateurs de logiciels malveillants. Cette technique utilise les caractéristiques techniques du protocole DNS (ou Domain Name System), permettant d'attribuer à un même nom de domaine de nombreuses adresses IP. Sa mise en œuvre nécessite en général l'utilisation de botnets. (fr) Il Fast Flux è una tecnica utilizzata nelle botnet basata sul DNS per nascondere il phishing e i siti di malware dietro una rete di host compromessi che agiscono da proxy e che cambiano in continuazione. Si può anche riferire alla combinazione di reti peer-to-peer, sistemi command-and-control distribuiti, load balancing del web e redirezione di proxy utilizzate per rendere le reti di malware più resistenti rispetto alla loro individuazione e alle contromisure. Lo è una delle varianti recenti di malware che fa uso di questa tecnica. Gli utenti di internet possono osservare l'uso del fast flux negli attacchi di phishing legati a organizzazioni criminali, incluso l'attacco a MySpace. Mentre i ricercatori della sicurezza erano a conoscenza della tecnica almeno da novembre 2006, la tecnica ha ricevuto un'attenzione maggiore da parte della stampa a partire da luglio 2007. (it) |
| dbo:thumbnail |
wiki-commons:Special:FilePath/Facebook_new_login_system_spam_fastflux_4.png?width=300 |
| dbo:wikiPageExternalLink |
https://web.archive.org/web/20211122051539/https:/www.icann.org/en/system/files/files/sac-025-en.pdf%7Carchive-date=22 https://www.icann.org/en/system/files/files/sac-025-en.pdf%7Cdate=January http://www.honeynet.org/papers/ff/ https://www.spamhaus.org/faq/section/ISP%20Spam%20Issues%7Ctitle=SpamHaus: https://www.icann.org/en/system/files/files/sac-025-en.pdf%7Cpublisher= https://link.springer.com/article/10.1007/s00521-016-2531-1%7Cdoi=10.1007/s00521-016-2531-1%7Cissue=7%7Cpages=483%E2%80%93493%7Cpublisher= https://web.archive.org/web/20120930144647/http:/honeynet.org/papers/ff%7Cvia= https://web.archive.org/web/20220119142707/https:/www.icann.org/en/system/files/files/sac-025-en.pdf https://web.archive.org/web/20220222233747/https:/www.spamhaus.org/faq/section/ISP%20Spam%20Issues%7Carchive-date=22 https://www.tandfonline.com/doi/full/10.1080/19393555.2015.1058994%7Cvolume=24%7Cissue=4%E2%80%936%7Ctitle=A |
| dbo:wikiPageID |
13738690 (xsd:integer) |
| dbo:wikiPageLength |
15494 (xsd:nonNegativeInteger) |
| dbo:wikiPageRevisionID |
1120212685 (xsd:integer) |
| dbo:wikiPageWikiLink |
dbr:NS_record dbr:Name_server dbr:Application_layer dbr:Honeynet_Project dbr:List_of_TCP_and_UDP_port_numbers dbr:Permutation dbr:University_of_Electronic_Science_and_Technology_of_China dbr:Deep_packet_inspection dbr:Dynamic_DNS dbr:Indirection dbr:User_agent dbr:Pseudorandomness dbc:Botnets dbc:Domain_Name_System dbr:SMTP dbr:SSH_File_Transfer_Protocol dbr:Rock_Phish dbr:Botnet dbr:Conficker dbr:The_Spamhaus_Project dbr:Load_balancing_(computing) dbr:Sichuan_University dbr:Communication_channel dbr:Zone_file dbr:Frontend_and_backend dbr:Fully_qualified_domain_name dbr:Host_(network) dbr:Domain_name_system dbr:Phishing dbr:Post_Office_Protocol dbr:Springer_Publishing dbr:Terms_of_service dbr:Time_to_live dbr:CNAME_record dbr:Top-level_domains dbr:Traceroute dbr:Wayback_Machine dbr:Domain_Name_System dbr:Domain_generation_algorithm dbr:Domain_name dbr:Domain_name_registrar dbr:DNS dbr:Log_analysis dbr:Dynamic_IP_address dbr:Fingerprint_(computing) dbr:Broadband dbr:Digital_subscriber_line dbr:Handshake_(computing) dbr:Transmission_Control_Protocol dbr:List_of_DNS_record_types dbr:Port_forwarding dbr:Proxy_server dbr:HTTP dbr:Internet_Corporation_for_Assigned_Names_and_Numbers dbr:Covert_channel dbr:Acknowledgement_(data_networks) dbr:Transport_layer dbr:White_hat_(computer_security) dbr:Relay_network dbr:Autonomous_system_(Internet) dbr:Avalanche_(phishing_group) dbr:Bulletproof_hosting dbr:Cable_modem dbr:ICANN dbr:IMAP dbr:Round-robin_DNS dbr:Upstream_server dbr:User_Datagram_Protocol dbr:Network_security dbr:Command_and_control_(malware) dbr:IP_address dbr:Evasion_(network_security) dbr:Firewall_(computing) dbr:Malware dbr:Packet_crafting dbr:Reverse_proxy dbr:Out-of-band_data dbr:Storm_Worm dbr:Wildcard_DNS_record dbr:Internet_host dbr:Access_control_lists dbr:Content_distribution_networks dbr:Peer-to-peer_networking dbr:Bullet_proof_hosting dbr:Cyber_criminal dbr:Cybersquatter dbr:Network_infrastructure dbr:File:Facebook_new_login_system_spam_fastflux_4.png dbr:File:Single-Flux_and_Double-Flux_in_DNS_Fast-Fluxing.png |
| dbp:wikiPageUsesTemplate |
dbt:Cite_journal dbt:Cite_web dbt:For dbt:Good_article dbt:IETF_RFC dbt:R dbt:Reflist dbt:Rp dbt:Sfn dbt:Short_description dbt:Domain_parking |
| dcterms:subject |
dbc:Botnets dbc:Domain_Name_System |
| gold:hypernym |
dbr:Technique |
| rdf:type |
dbo:TopicalConcept yago:WikicatComputerSecurityExploits yago:Abstraction100002137 yago:Accomplishment100035189 yago:Act100030358 yago:Action100037396 yago:Event100029378 yago:Feat100036762 yago:PsychologicalFeature100023100 yago:YagoPermanentlyLocatedEntity |
| rdfs:comment |
Fast Flux ist eine von Botnetzen genutzte DNS-Technik, mit der der Standort von Webservern verschleiert werden kann. Dieses wird mit einem DNS-Server und einer Lastverteilung per DNS (Round-Robin DNS) bewältigt. Üblicherweise werden Fast-Flux-Netzwerke bei Phishing- und DoS-Attacken verwendet. (de) Le fast flux est une technique utilisée pour dissimuler des sites d'hameçonnage (phishing) et de disséminateurs de logiciels malveillants. Cette technique utilise les caractéristiques techniques du protocole DNS (ou Domain Name System), permettant d'attribuer à un même nom de domaine de nombreuses adresses IP. Sa mise en œuvre nécessite en général l'utilisation de botnets. (fr) Fast flux is a domain name system (DNS) based evasion technique used by cyber criminals to hide phishing and malware delivery websites behind an ever-changing network of compromised hosts acting as reverse proxies to the backend botnet master—a bulletproof autonomous systems. It can also refer to the combination of peer-to-peer networking, distributed command and control, web-based load balancing and proxy redirection used to make malware networks more resistant to discovery and counter-measures. (en) Il Fast Flux è una tecnica utilizzata nelle botnet basata sul DNS per nascondere il phishing e i siti di malware dietro una rete di host compromessi che agiscono da proxy e che cambiano in continuazione. Si può anche riferire alla combinazione di reti peer-to-peer, sistemi command-and-control distribuiti, load balancing del web e redirezione di proxy utilizzate per rendere le reti di malware più resistenti rispetto alla loro individuazione e alle contromisure. Lo è una delle varianti recenti di malware che fa uso di questa tecnica. (it) |
| rdfs:label |
Fast Flux (de) Fast flux (en) Fast Flux (it) Fast flux (fr) |
| owl:sameAs |
freebase:Fast flux yago-res:Fast flux wikidata:Fast flux dbpedia-de:Fast flux dbpedia-fa:Fast flux dbpedia-fr:Fast flux dbpedia-it:Fast flux dbpedia-lmo:Fast flux https://global.dbpedia.org/id/55Yxm |
| prov:wasDerivedFrom |
wikipedia-en:Fast_flux?oldid=1120212685&ns=0 |
| foaf:depiction |
wiki-commons:Special:FilePath/Facebook_new_login_system_spam_fastflux_4.png wiki-commons:Special:FilePath/Single-Flux_and_Double-Flux_in_DNS_Fast-Fluxing.png |
| foaf:isPrimaryTopicOf |
wikipedia-en:Fast_flux |
| is dbo:wikiPageDisambiguates of |
dbr:Flux_(disambiguation) |
| is dbo:wikiPageRedirects of |
dbr:Fast-flux dbr:Fast-flux_DNS dbr:Fast_fluxing |
| is dbo:wikiPageWikiLink of |
dbr:Computer_security dbr:Botnet dbr:Storm_botnet dbr:Carding_(fraud) dbr:Flux_(disambiguation) dbr:Bulletproof_hosting dbr:Storm_Worm dbr:Fast-flux dbr:Fast-flux_DNS dbr:Fast_fluxing |
| is foaf:primaryTopic of |
wikipedia-en:Fast_flux |
