Fix your DNS servers or risk aiding DDoS attacks
Although this week's large-scale DDoS attack against Spamhaus may not have been as crippling as early reports suggested, they were noteworthy in that they shined spotlights on a couple of the Internet's many underlying weaknesses.
Among them are open DNS resolvers, which enable a technique called DNS amplification wherein attackers bombard target servers with as much as 100 bytes of network-clogging traffic for every one byte they send out.
It remains to be seen whether the parties with the know-how and clout will start addressing these shortcomings in a holistic and meaningful way to make the Internet more secure. Unfortunately it will probably take an incident even more devastating and damaging to get that ball rolling.