"Everyone's picked it up now," he said. "The next big DDOS on some former Soviet republic, you'll see this mentioned, I'm sure."

One of the things that makes a DNS amplification attack particularly nasty is the fact that by sending a very small packet to a legitimate DNS server, say 17 bytes, the attacker can then trick the server into sending a much larger packet -- about 500 bytes --- to the victim of the attack. By spoofing the source of the packet, the attacker can direct it at specific parts of his victim's network.

Jackson estimates that the 5GB/second attack against ISPrime was achieved with just 2,000 computers, which sent out spoofed packets to thousands of legitimate nameservers, all of which started flooding the ISPrime network. ISPrime's Rosenthal says that about 750,000 legitimate DNS servers were used in the attack on his network.

Earlier this week, SecureWorks produced a of the DNS Amplification attack.

The attack is generating a lot of discussion amongst DNS experts, according to Duane Wessels, program manager with DNS-OARC (Operations Analysis and Research Center), based in Redwood City, California.