NetworkingNexus.net

How the Dyn DDoS attack unfolded

Today's attacks that overwhelmed the internet-address lookup service provided by Dyn were well coordinated and carefully plotted to take down data centers all over the globe, preventing customers from reaching more than 1,200 domains Dyn was in charge of.The attacks were still going on at 7 p.m. Eastern time, according to ThousandEye, a network monitoring service.Dyn’s service takes human-language internet addresses such as www.networkworld.com and delivers the IP addresses associated with them so routers can direct the traffic to the right locations.To read this article in full or to leave a comment, please click here

How the Dyn DDoS attack unfolded

Some notes on today’s DNS DDoS

Some notes on today's DNS outages due to DDoS.

We lack details. As a techy, I want to know the composition of the traffic. Is it blindly overflowing incoming links with junk traffic? Or is it cleverly sending valid DNS requests, overloading the ability of servers to respond, and overflowing outgoing link (as responses are five times or more as big as requests). Such techy details and more make a big difference. Was Dyn the only target? Why were non-Dyn customers effected?

Nothing to do with the IANA handover. So this post blames Obama for handing control of DNS to the Russians, or some such. It's silly, and not a shred of truth to it. For the record, I'm (or was) a Republican and opposed handing over the IANA. But the handover was a symbolic transition of a minor clerical function to a body that isn't anything like the U.N. The handover has nothing to do with either Obama or today's DDoS. There's no reason to blame this on Obama, other than the general reason that he's to blame for everything bad that happened in the last 8 years.

It's not a practice attack. A Bruce Schneier post created Continue reading

An IoT botnet is partly behind Friday’s massive DDOS attack

Malware that can build botnets out of IoT devices is at least partly responsible for a massive distributed denial-of-service attack that disrupted U.S. internet traffic on Friday, according to network security companies.Since Friday morning, the assault has been disrupting access to popular websites by flooding a DNS service provider called Dyn with an overwhelming amount of internet traffic.Some of that traffic has been observed coming from botnets created with the Mirai malware that is estimated to have infected over 500,000 devices, according to Level 3 Communications, a provider of internet backbone services.To read this article in full or to leave a comment, please click here

An IoT botnet is partly behind Friday’s massive DDOS attack

Loggly aims to reveal what matters in log data

This column is available in a weekly newsletter called IT Best Practices. Click here to subscribe. Logs are one of those things that a lot of people take for granted. Every software, device and application generates its own logs, and they are often overlooked until something happens and someone needs to dig into the logs to try to discover a root cause of the issue. Companies that treat logs in this way are missing out on an opportunity to improve their business.Logs have an interesting property that makes them quite valuable: they are the only common thread across a company's entire technology stack. It doesn't matter if it's network devices, security devices, operating systems or applications—all generate logs. Because of that, and with the proper tools, it's possible to look end-to-end in the infrastructure and the application stack using logs. The result is the ability to see what is happening from node to node, and from process to process.To read this article in full or to leave a comment, please click here

Loggly aims to reveal what matters in log data

Worth Reading: Facebook’s video views

The takeaway from Facebook’s bombshell that it had overstated a key measure of video ad viewership on its pages by about 80%: It’s not that the social-media giant “miscalculated” its numbers. It’s a fresh view into Facebook’s arrogance, both toward its advertisers and its nearly two billion users. Nothing’s new under the sun, of course — pride has goeth-ed before a fall for all of human history. And obviously does in the digital sphere, too: Facebook FB, +0.05% and its principal digital advertising rival, Google GOOG, +0.04% have been behaving as though customs and principles that have governed the advertising business for its entire history simply don’t apply to them. —Market Watch

The post Worth Reading: Facebook’s video views appeared first on 'net work.

Extensive DDoS attack against Dyn restarts, could indicate a new use of old criminal tech

Attacks against DNS service provider Dyn resumed today after a two and a half hour lull, and could indicate a new application of an old criminal technology, experts say.Dyn hasn’t shared details on the type of DDoS attacks used nor the size of those attacks that have affected access to sites including Amazon, Etsy, GitHub, Shopify, Twitter and the New York Times.+More on Network World: Gartner Top 10 strategic technology trends you should know for 2017To read this article in full or to leave a comment, please click here

Extensive DDoS attack against Dyn restarts, could indicate a new use of old criminal tech

iPads and Apple TV aimed at transforming patient care

No one looks forward to a hospital stay, but the tech amenities at Jacobs Medical Center could make visits more comfortable for patients.With an iPad and Apple TV in every room, patients will be able to control room settings such as temperature, lighting and window shades. They can access games, log into their own social and entertainment apps, and control the TV. The iPad also provides access to a patient’s electronic medical records, including information such as medications, caregivers' names, diagnostic data, and upcoming lab work or medical procedures. RELATED: 14 go-to tools for Mac sysadmins | 25 CIO pay packages revealed | Tech jobs set for biggest raisesTo read this article in full or to leave a comment, please click here

Show 311: Five Engineers And A Microphone

Todays show gathers 5 engineers around a microphone to talk about career paths and certifications, share war stories, debate the value of participating in social media and blogging, and more. The post Show 311: Five Engineers And A Microphone appeared first on Packet Pushers.

On DNS and DDoS

The global DNS infrastructure provides the critical function of mapping seeming random sets of numbers in IP addresses (like 1.1.1.1) to a name that an Internet consumer may recognize (like www.myfavoritestore.com). To scale to a global level, the DNS system was designed as a multi-level reference network that would allow any user on the Internet […]

Dyn issues affecting joint customers

Today there is an ongoing, large scale Denial-of-Service attack directed against Dyn DNS. While Cloudflare services are operating normally, if you are using both Cloudflare and Dyn services, your website may be affected.

Specifically, if you are using CNAME records which point to a zone hosted on Dyn, our DNS queries directed to Dyn might fail making your website unavailable, and presenting a “1001” error message.

Some popular services that might rely on Dyn for part of their operations include GitHub Pages, Heroku, Shopify and AWS.

1001 error

As a possible workaround, you might be able to update your Cloudflare DNS records from CNAMEs (referring to Dyn hosted records) to A/AAAA records specifying the origin IP of your website. This will allow Cloudflare to reach your origin without the need for an external DNS lookup.

Note that if you use different origin IP addresses, for example based on the geographical location, you may lose some of that functionality by using plain A/AAAA records. We recommend that you provide addresses for many of your different locations, so that load will be shared amongst them.

Customers with a CNAME setup (which means Cloudflare is not configured in your domain NS records) where the main Continue reading