A massive DDoS (distributed denial-of-service) attack against a popular cloud-based DNS provider Dyn.COM took down major websites. The DYN.COM confirmed it on twitter:
We are aware of the ongoing service interruption of our Managed DNS network. For more information visit our status page.
— Dyn (@Dyn) October 21, 2016
Following sites are having issues due to DNS problems:
- SoundCloud
- Spotify
- Netflix
- Disqus
- PayPal
- Basecamp
- Business Insider
- CNN
- Esty
- Github
- Guardian.co.uk
- Imgur
- HBO Now
- Recode
- The Verge
- Wired and more
You can verify NS with the following standard Unix command:
$ host -t ns twitter.com
twitter.com name server ns2.p34.dynect.net. twitter.com name server ns1.p34.dynect.net. twitter.com name server ns4.p34.dynect.net. twitter.com name server ns3.p34.dynect.net.
From the official announcement:
This attack is mainly impacting US East and is impacting Managed DNS customers in this region. Our Engineers are continuing to work on mitigating this issue. Services have been restored to normal as of 13:20 UTC on 21/Oct/2016. But, I’m still seeing problems.
This DDoS attack may also be impacting Dyn Managed DNS advanced services with possible delays in monitoring. Our Engineers are continuing to work on mitigating this issue. — Oct 21, 2016 – 16:48 UTC
See the “DDoS Attack Against Dyn Managed DNS” update page for up to date information.
(Image credit)
4 comment
As a customer who suffered the outage, I’m considering setting up a secondary DNS infrastructure using AWS EC2 and BIND. Dyn would still be primary. Any thoughts?
Sounds like a good idea. Make sure TTL is set correct as well.
So this is a bad idea to use one dns for the Internet?
I wonder if this has a relation with this: https://www.lawfareblog.com/someone-learning-how-take-down-internet