everydns.net go BOOM!
Dec. 1st, 2006 04:26 pm
So, I run a few hobbyist/non-profit domains, and I've been using the DNS services of EveryDns.net.
At 3:45 PM EST today, all 4 of everydns's nameservers stopped responding. All 4 servers are on separate networks and in separate physical locations.
This has "DDoS attack" written all over it.
The following domains are currently having interruptions in service:
- anthrocon.org
- claws-and-paws.com (including pafurry.claws-and-paws.com and lists.claws-and-paws.com)
- jbadger.org
- saveardmorecoalition.org
Not much we can do, other than to wait things out. Unless this DDoS lasts for more than 48 hours (typical time to propagate new NS records for domains), switching DNS providers probably won't help.
"What is DNS?"
DNS is the service that maps machine names to network addresses. That way, if you move a website onto a new machine, you simply need to update the DNS entry with the new address. Think of it like a phonebook.
"So the websites themselves are not affected?"
Correct. The websites and the machines they are running on are just fine. Though they aren't processing much traffic right now. :-P
"So, who is responsible for this?"
I don't know.
"How long will this continue?"
I don't know.
"How is this even possible?"
The main tactic for DDoS attacks these days seems to involve 0wned Windows boxes that are used as zombies. Thousands of 0wned boxes will be "commanded" at the same time to flood a specific host (or hosts in this case) with traffic. Since the traffic is coming from computers all over the world, it's non-trivial to filter out, especially if it is disguised to look like normal HTTP or DNS traffic.
Boxes typically get owned through spyware, viruses, and/or worms introduced through trojan horses.
"Are there any preventative measures we can take?"
Yes, if you own a Windows box, make sure it is kept up to date. Also, make sure that you are running both anti-spyware and anti-virus software. Having Internet access is a wonderful thing, but certain responsibilities come with that. If you don't know how to keep your machine up to date, find someone to help you out.
[Edit: Things are back to normal now.]