We talk about DynDNS. Majority of the serious websites use DynDNS including Twitter, Spotify, Github, SoundCloud, The New York Times and so on. We also use Dyn. Today, users reported Internet to be not usable for many websites. This happened as hackers brought a large scale distributed denial of service (DDoS) attack on the servers of Dyn as DNS host. Dyn DNS talked about global DDoS attack of today which possibly made half of Internet down. Here is a to do list for public from our side. Here is update from Dyn :
Many websites were temporarily inaccessible to many users in the US today, though the initial problems appeared to be resolved in just over two hours, they may try again and again.
Global DDoS Attack of Today : To Do List For Public
Public unrelated to web servers need to understand the basic concept of exploits like Man-in-the-Middle Attack (MITMA). A hacker can abuse your IP address to create the attacks. As because the DNS hosts, sysadmins will be filtering the IP address, hackers can try new IP4 addresses. Here is a quick and easy list for possible minimal good for the all sysadmins :
- Please do not panic.
- Please inform the other possibly not aware users like your friends.
- Please do not try to reload the websites within 30 minutes which are not loading after a second try. Your effort will increase load.
- Please ensure that when you are not using the Internet actively, your devices are not kept connected to the internet unless you have idea about security. Your device’s security flaw can be abused.
- Please apply software updates available for your devices.
- It can happen that some websites are comprised on this chance by a third party hacker. If you notice odd on any website, please report to webmaster.
- Please keep an eye on the security related websites.
Previous month, Dyn actually increased our plan for higher usage than permissible at that plan. Dyn is saying that, they actually noticed higher DDoS on their clients. We really faced huge SSH Bruteforce this month on multiple web hosts. We lack idea whether they are related.
All sysadmins may try to help to add the spammy Its on various blacklisting websites.