DNS parser, meet Go fuzzer

Published on by Filippo Valsorda.

Here at CloudFlare we are heavy users of the github.com/miekg/dns Go DNS library and we make sure to contribute to its development as much as possible. Therefore when Dmitry Vyukov published go-fuzz and started to uncover tens of bugs in the Go standard library, our task was clear. Hot Fuzz Fuzzing is the technique of testing software by continuously feeding it inputs that are automatically…

Up and to the Right: Forrester Research Ranks CloudFlare as a “Leader” for DDoS Services Providers

Published on by Troy McClure.

Forrester Research, Inc. has released The Forrester Wave™: DDoS Services Providers, Q3 2015 report which ranks CloudFlare as a leader. How do you get placed “up and to the right”? The leaders in this Wave, including CloudFlare, demonstrated effective portals, good client and revenue growth, and a focus on customer service. They also all have the ability to defend against the largest amplification attacks and the most pernicious…

A deep look at CVE-2015-5477 and how CloudFlare Virtual DNS customers are protected

Published on by Filippo Valsorda.

Last week ISC published a patch for a critical remotely exploitable vulnerability in the BIND9 DNS server capable of causing a crash with a single packet. CC BY 2.0 image by Ralph Aversen The public summary tells us that a mistake in handling of queries for the TKEY type causes an assertion to fail, which in turn crashes the server. Since the assertion happens during the query…