Jump to content

DOS attack today


Dirty Butter

Recommended Posts

There was a widespread Denial of Service attack on a variety of very large and well known websites today. But I was a little surprised to see that GitHub was hit as well - even though it's likely not a site that the general public knows anything about or would ever use. Any thoughts?

Link to comment
Share on other sites

The DDOS attack was against a company called "DYN".

DYN offers a service (of several services) of providing domain names an entry into the DNS "phonebook". The DNS phonebook is what matches "dirtybutter.com" to the actual IP address of the computer hosting your site.

Another service DYN provides is a mitigation against an overwhelming number of page requests. DDoS is like everyone in the world deciding to phone you all at the same time. You cannot receive legitimate calls from family and friends, and you cannot find a quiet few seconds to make an outgoing call. This is called a "Denial of Service" (DoS). When hundreds of thousands all try to call you at the same time, it is called a "Distributed Denial of Service" (DDoS).

The ironic thing is that DYN offers technology to its customers to deal with DDoS, but failed to be able to handle the DDoS against itself. Thus, DNS requests for sites such as Twitter, Amazon, ATT, Github, a number of banks, and a myriad of other sites were "down" because DYN could not deliver the IP address for those domains.

The DDoS attack is sourced by a program that is able to "hack" hundreds of thousands of electronic devices that independently connect to the Internet: Webcams, VoIP phones, routers, baby monitors, HVAC thermostats, Internet connected refrigerators, and hundreds of other consumer devices that have default logins the owners never bothered to change. These devices also have easy to compromise vulnerabilities that can set them up as zombie web browsers. In a swiftly sweeping tidal wave, the source can simultaneously trigger these hundreds of thousands of devices to make billions of page requests per second to the unfortunate target.

Link to comment
Share on other sites

These attacks can happen to any website not just the well know website attacks that get into the news. One of my websites was hit and the attack continued for weeks. Hosting company said it was the biggest attack they had ever seen. If a website on a shared server is hit then every site on that server will be affected as the whole server will be brought down.

Link to comment
Share on other sites

We've been bombarded here at the house lately with the fake "Urgent Update" page popping up on FireFox and Chrome. Just to be sure we weren't infected accidentally, I've run several deep scans of late on our computers. But I'm guessing that many people have allowed this trojan onto their home networks. I keep Bluetooth turned off on our computers, but with so many bluetooth devices in people's homes now - it's very disturbing to hear that "Internet THINGS" could be the vulnerable attack point.

Bsmither, thanks for the explanation of how DYN's part in all this affected so many sites.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...