Domain Registrar Joker Hit by DDoS

Domain registrar Joker.com says its nameservers are under attack, causing outages for customers. More than 550,000 domains are registered with Joker, which is based in Germany. Any of those domains that use Joker's DNS servers are likely to be affected.

"Joker.com currently experiences massive distributed denial of service attacks against nameservers," the registrar says in an advisory on its home page. "This affects DNS resolution of Joker.com itself, and also domains which make use of Joker.com nameservers. We are very sorry for this issue, but we are working hard for a permanent solution."

Nameservers, which store the records that connect domain names with specific IP addresses, are attractive targets for hackers because they control the availability of large numbers of web sites. In 2002 the Internet's root nameserver system came under attack, with the DDoS causing network congestion but only minor performance problems for the DNS system, which a subsequent analysis noted is "massively overprovisioned to make it robust against attacks or network failures."

In the wake of that attack, most major registrars have robust infrasturcture to defend against DDoS attacks. It's not immediately clear whether the problems at Joker.com are related to the specifics of its DDoS defenses or the sheer volume of the attack. In recent weeks some Internet security groups have warned of the dangers posed by DNS recursion attacks, which can use the nameserver system to amplify a DDoS launched by a bot network.