One of the most prominent denial of service attacks in recent
months was one that occurred in March 2013, launched against
Spamhaus and Cloudflare. With a peak volume of
attack traffic of some 120Gbps, it was a very significant attack.
How did the attackers generate such massive volumes of attack
traffic? The answer lies in the Domain Name System (DNS). The
attackers asked about domain names, and the DNS system answered.
Something we all do all of the time on the Internet. So how can a
conventional activity of translating a domain name into an IP
address be turned into a massive attack?
Potaroo blog