Fast flux

Hosting method where a domain's IP address changes continuously

Fast flux is a technique where many computers in a botnet act as proxies to a domain serving malicious and/or illegal content. In fast flux hosting, many nodes on a botnet frequently register and de-register their addresses for a single DNS entry. A URL on that domain will therefore point to a continuously changing IP address.

Fast flux is used to prevent IP-based blacklisting. Because of the various proxy layers, it also helps to mask the attackers' system.

Fast flux has been known to security researchers since 2006 and started to be used frequently in 2007.

Related web links


Poll

Do you use the same password(s) across multiple websites?
I use the same password for all sites
I have a number of passwords but use the same for some sites
I use a different password for each site
I don't sign up to any sites that require a password

Leave a comment
View 4 comments

Jobs Career Sidebar

Malware Prevalence

Agent |#######################|
OnlineGames |#################|
Kryptik |#############|
Heuristic/generic |#####|
Heuristic/generic |#####|
 View this month's full report
Virus Bulletin currently has 191,010 registered users.