Sign in / up

back to article How many Internet of S**t devices knocked out Dyn? Fewer than you may expect

With more time to analyse its logs, DNS provider Dyn reckons about 100,000 Mirai-infected home web-connected gadgets knocked it out last Friday. In its latest analysis, product executive veep Scott Hilton writes: “We are still working on analyzing the data but the estimate at the time of this report is up to 100,000 malicious …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Fazal Majid

    Mistake #1 - using BIND

    http://blog.erratasec.com/2016/10/some-notes-on-todays-dns-ddos.html

    0 1 Reply
    1. Dan 55 Silver badge
      Reply Icon

      Re: Mistake #1 - using BIND

      Well he also says Obama is responsible for everything bad in the last eight years, regulating IoT would be bad, and to use Bluetooth instead of WiFi (routers?) so I'd be inclined to take his blog post with a pinch of salt.

      12 0 Reply
  2. Tomato42
    Facepalm

    Solution?

    If only the DNS system was distributed and used local caching for the queries...

    Alas, we all know that it was introduced for load leveling purposes, so they couldn't have predicted it. /s

    8 0 Reply
    1. Charles 9
      Reply Icon

      Re: Solution?

      You can't cache these days because the same query can return different IPs with each query. This happens to be one way to avoid hammering a server.

      0 1 Reply
      1. Tomato42
        Reply Icon
        Boffin

        Re: Solution?

        @Charles 9: that's exactly what I'm talking about. The queries return different IPs with every query, and they have time to live measured in minutes because they use DNS for load balancing. While in ye olde times results would have time to live measured in hours or days.

        they've abused DNS system and now they suffered the consequences

        0 0 Reply
        1. teknopaul
          Reply Icon

          Re: Solution?

          I think google should respond to searches with a fallback ip address with each link. Then ddosing the dns would have less impact. add multiple day fallback caches and dns returns to normal.

          0 0 Reply
  3. DNTP

    That kills one entertaining theory

    Specifically, the comically dystopian joke that we'll run out of IP addresses before there are enough devices online to kill the DNS system or do other massive damage...

    4 0 Reply
  4. Stevie

    Bah!

    "100 large"?

    We are talking about webcams and iBulbs here, not American bank heist hauls.

    You work in the computer business. It isn't mysterious and alluring any more, no matter how you try and Sweeny it up.

    2 5 Reply
    1. Hero Protagonist
      Reply Icon

      Re: Bah!

      Someone put on their grumpy pants today

      5 0 Reply
    2. David Roberts
      Reply Icon

      Re: Bah!

      Someone fell out of the Grumpy tree and hit every dwarf on the way down.

      1 0 Reply
  5. phicoh

    Maybe some basic math?

    Assume a 1 Tbit/s attack, assume 100000 devices, what's the average attack bit rate per device?

    Well, that's just 10 Mbit/s.

    Can an internet connected video camera do 10 Mbit/s or better? Very likely if it is HD or better. Even for tiny processors 10 Mbit/s is nothing these days.

    Can an internet connection upload 10 Mbit/s or more. Yes, lots of people have that kind of bandwidth.

    0 0 Reply
    1. Charles 9
      Reply Icon

      Re: Maybe some basic math?

      Really? Where I sit that's about $100/month. Most users I know are lucky to have 1Mb/sec (DOWNstream).

      0 0 Reply
  6. Anonymous Coward
    Anonymous Coward

    The more layers you add

    The more attack surface you have.

    The internet in general needs to be fixed.

    We need TCP/IP as a layer because the protocols underneath are not routable.

    We need DNS because the average person struggles to remember IP addresses.

    We need a technical cleansing I think.

    Round everyone up and ask them simple questions, bullet to the head of those that can't answer them.

    Officer: What version of Windows do you have?

    Dimwit: Is that Office?

    Officer: *puts bullet in dimwits head*

    Officer: NEXT!

    Officer: Ok type www.youtube.com into the address bar in a browser to open up YouTube.

    Dimwit2: Browser? Is that like google? *types www.youtube.com into google and clicks the first result*

    Officer: *executes dimwit*

    Officer: NEXT!

    Officer: Plug in this USB drive and run the malware executable on it.

    Dimwit3: *installs the malware without question*

    Officer: *shoots dim wit between the eyes*

    Its brutal and barbaric but it may soon be necessary.

    1 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: The more layers you add

      nature is brutal and barbaric

      0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like