Fast flux

Method of preventing a being taken offline by relevent authorities, by continually moving the live web host between multiple, compromised computers. This makes it difficult for a website's owner to be traced, and also makes it difficult for a website to be taken offline, as the authority responsible for the IP address block will also regularly change.

Fast fluxing is commonly seen in phishing attacks, carried out using botnets. First, the botmaster sets up a fast fluxing website - using hosts on their botnet as web servers - with a fake login page for a popular online service, such as an online bank or social networking website. This website's address is then distributed through mass spam email, sent through their botnet's compromised hosts. An occasional unsuspecting recipient will click through to the site, which will load from whichever server the DNS A record currently contains.

Fast flux is a definition, listed in the security category. This entry was last updated on 19 November 2008, at 23:37.  

About the author

Nick Johnston is a self employed computing consultant, working in several facets of the IT industry. With an initial interest in business and computer security, his roles have spread to many other areas.

Nick is currently available for project and contract work - contact Nick for more information.

© 2010 Nick Johnston.

Share!

Share |