Dyn dinged by DDoS: US DNS firm gives web a bad hair day A denial of service attack against managed DNS provider Dyn restricted access to many US-based websites on Friday. The ongoing attack is affecting Dyn’s managed DNS customers on the US East Coast, according to the provider, which adds on its status page that its “engineers are continuing to work on mitigating this issue”. …
I had hoped that there would be a little more coverage here at ElReg. I know it's the wrong side of the pond but this appears to be a fairly major hack.
Interestingly the 'conservative' sites I visit haven't had any issues. It is the 'liberal' media that appears to be down.
Note: The quotes are to indicate I am using the American versions of those words.
Interestingly the 'conservative' sites I visit haven't had any issues. It is the 'liberal' media that appears to be down.
Guess that applies to the Grauniad. Articles are working here in the States, but I can't log in, due to DNS problems. Maybe this is a Putinbot operation in retaliation for Assangesky getting sent to the cyber gulag?
Interestingly the 'conservative' sites I visit haven't had any issues. It is the 'liberal' media that appears to be down.
Here's a very liberal site that wasn't down; they were talking about the DDoS in the comments: http://www.nakedcapitalism.com/2016/10/200pm-water-cooler-10212016.html
Hmmm, they were spared because they're too liberal for Hillary? lolz.
We're on it - it's on our radar, we also have other stories to cover too.
Late edit: We published new stuff. Here's a summary of our updates.
C.
"I know it's the wrong side of the pond but this appears to be a fairly major hack."
So, now a DDOS from a bunch of cameras and home routers is a hack.
My, how some people have low standards.
The only real hack was against those insecure IOT devices.
Or as I call them, IdiOT owned devices.
Wzrd1,
See my handle. I come here so that I know just enough to not buy stupid kit like anything labelled smart. If only I could get my even less informed friends and family to do the same this particular attack might not have been possible.
The good news is that if I get corrected enough I might be able to raise my rank from poser to novice.
I’ve been searching the archives trying to get my head around Mirai the IoT botnet DDOS army. How did the hackers find them to coopt them? Is it the connection to a mother ship that many of these insecure IoT devices require that hackers can exploit to find the devices in the first place? Or are the IoT devices behind home routers exposed when the routers themselves are compromised? (default or weak passwords, open service ports, whatever.)
Any thoughts on the matter are greatly appreciated.
The symptoms were really odd, and this explains it all as it affected DNS resolution of our own domain and things like github, but not other domains. We use Dyn too...
Can we replace the moniker IOT with IOUT?
Internet Of Unpatched Things
(Sure some of them are just boxes with the default password, but the important thing is that they need to be KICKED OUT if the internet is to be a thing in 5 years)
13:05 CST: Ars Technica updated their post on this occurrence to say a second wave of attacks began at about noon EST. As of right now, sites like Wikipedia, The Face Book, Twitter, and the like are not accessible, at least to me. Other sites like Ars Technica, and El Reg are much slower loading than usual.
DDoS attacks on companies like Dyn, which facilitate the loading of web pages, have increased recently in both size and intensity. The latest comes the day after Doug Madory, director of Internet Analysis at Dyn, gave a presentation at an industry conference about research he had done on questionable practices at BackConnect Inc., a firm that offers web services, including helping clients manage DDoS attacks. According to Madory, BackConnect had regularly spoofed Internet addresses through a technique known as a BGP hijack, an aggressive tactic that pushes the bounds of industry.Madory’s research was conducted with Brian Krebs, a well-known writer on computer-security issues. Krebs also published an article based on the research last month. Within hours, his website was hit by a “extremely large and unusual” DDoS attack, he wrote.
Twitter.com won't resolve here; I predict a massive social breakdown if this isn't fixed soon. Beer o'clock will be coming early this Friday.
Does anyone else remember the public service film that warned the collapse of the civilian internet was the first sign that human civilization was about to suffer a nuclear holocaust inflicted by murderous robots?
The firestorm will come at 3 a.m. US EDT tomorrow, when Donald Trump arises and discovers he still can't send Tweets. SAD!
I think Gov.uk's main hosting supplier uses Dyn. Therefore Verify, visit visas and a few other new GDS government services are down and/or just redirect to the Gov.uk home page. As GitHub is broken also then they won't have a clue what to do and will likely be crying into their beards.....unless they are too busy playing ping pong to notice.
Question: Suppose your primary authoritative DNS server is at DYN , and your secondary authoritative server is at Rackspace, or Google, or Neustar, etc ..
If you primary DNS server at DYN fails to respond, shouldn't the dns client then query your seconday DNS server at Rackspace, or Google, or Neustar etc. ?? ( i.e wherever you have your secondary DNS hosted.)
"The problem in this case is that DYN is the host for these domains which are spread over many servers."
Exactly.
The ONE thing cloud is ideal for: Rent 2 or more VPS servers at DIFFERENT providers and let bind take care of zone transfers. And then even the big names mess it up.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
