Major internet outage

[Capetonian]

Apparently there's been a massive DDOS attack on a DNS server in Hampshire which has knocked a number of major websites (unfortunately not Faecesbook or Twatchat) off line.

I battled to get through to a couple of sites earlier and wondered if it was my internet.
http://www.bbc.com/news/technology-37728015

[500N]

Interesting.

Surprised one attack on one server pulls them down ?

[Alisoncc]

Surprised one attack on one server pulls them down ?

I don't profess to understand all of the idiosyncrasies of the system but.... Originally the DNS - Domain Name System, servers gave out a single IP address for each site URL, but increasingly major players have needed to provision multiple servers at different geolocations to handle their traffic. Thus the IP address for say the Beeb servers will vary as to where your are in the world.

I have a static IPv4 address for my inhouse servers, but they are getting harder to get, as most addresses provided by ISP's are dynamic, potentially changing every time your line reconnects. A company DynDNS was set up to handle this by providing a service whereby they managed DNS servers that dynamically tracked IP addresses for domain names in their care. I understand that major players now use this service to manage different addresses for their domain name based on origination of the request.

It's all terribly complicated such that now when you seek to access bbc.co.uk/news for instance the IP address delivered is almost dynamic and can change based the amount of traffic they are getting. Thus a DDOS attack on the DynDNS servers can be quite catastrophic for major players whilst having no impact at all on our site for instance.

Alison

[500N]

Thanks, thats what I thought.

Might be a bit of a failing of the local system they have set up

[probes]

So, the human nature (its darker and sinister side, that is) has conquered the web. Just like any other big breakthrough and benefit.

Security researchers have long warned that the increasing number of devices being hooked up to the internet, the so-called Internet of Things, would present an enormous security issue. And the assault on Friday, security researchers say, is only a glimpse of how those devices can be used for online attacks.

http://www.nytimes.com/2016/10/22/busin ... pe=article

[admin]

This is the kind of rubbish that we get even on our site. Note the times: 17 Guest hits over a few minutes just ten minutes ago. Imagine if that were 17,000 hits,. That would constitute a DDOS attack as no legitimate user would be able to gain access. I have had 2,000 hits within 60 seconds on my in-house servers. The times displayed are my local time.

Guests.jpg (179.83 KiB) Viewed 239 times

The IP addresses "185.53.44. " originate from a server in Cologne Germany.

[Boac]

It's Chuks......................

[admin]

Looks like my synopsis was fairly on the ball. Amongst the cognoscenti it's known as DynDNS

From the Beeb today:
http://www.bbc.com/news/technology-37738823

Dyn is a DNS service - an internet "phone book" which directs users to the internet address where the website is stored. Such services are a crucial part of web infrastructure.

On Friday, it came under attack - a distributed denial of service (DDoS) - which relies on thousands of machines sending co-ordinated messages to overwhelm the service. The "global event" involved "tens of millions" of internet addresses.
..
DDoS attacks are typically aimed at a single website. Friday's attack on Dyn, which acts as a directory service for huge numbers of firms, affected several of the world's most popular websites at once.

It has emerged that the BBC's website was also briefly caught up in Friday's attack. The BBC is not a customer of Dyn itself, but it does use third-party services that rely on the domain name system hosting facilities provided by Dyn. Only some BBC users, in certain locations, would have experienced problems and they did not last long.