Skip to content

Instantly share code, notes, and snippets.

@scj643

scj643/Friday DDoS.md

Last active October 25, 2016 13:30
Show Gist options
  • Save scj643/a00a499806f72f3a0280d159e3ae63e1 to your computer and use it in GitHub Desktop.
Save scj643/a00a499806f72f3a0280d159e3ae63e1 to your computer and use it in GitHub Desktop.
Download ZIP
Internet issue on friday
Raw
Friday DDoS.md

#What Happened to the Internet on Friday On Friday, October 21st dozens of websites were inaccessible during the day. Some of these include Twitter and Spotify. This was done through a Distributed Denial of Service (DDoS) They targeted the DNS provider Dyn. The result of this was an outage to people that were using their services to not be able to reach many sites.

A DDoS is a huge group of botnets (computers or devices taken over by a hacker) that send a flood of traffic to a site. The result of this is that the service is overwhelmed by the attack and makes legitimate use slow. Also it is harder to stop since it's originating from so many different places, with no real pattern.

The implications of this attack were noticeable but didn't take out the internet. This is because it only took out one part of the chain of going to different sites. DNS translates a domain name (I.E. scj643.me) and translates that into an IP address (107.170.104.108 in the case of scj643.me). Since only one DNS server was taken down others were fine. So using an alternative DNS like Level 3 or OpenDNS you would have not noticed this outage.

The way it was done was reportedly done by IoTs (internet of things) which includes security cameras and DVRs. According to Kerbs On Security some products from XiongMai Technologies have a security flaw and their default passwords are known and are hard coded into the device, and can not be changed. The way that it was done was through an open source tool called Mirai, which scans the internet for these insecure IoTs devices. In my opinion a device should not have any remote access that is hard coded and isn't able to be disabled.

This could have been prevented. One way is stronger security on IoT devices. One way this could have been implemented is having the external root access to such devices disabled by default. IoTs should take a page from how chromebooks work though that could drive up prices. Also manufacturers shouldn't take the lazy way out and have people do security audits on their hardware and software.

##Sources https://techcrunch.com/2016/10/21/many-sites-including-twitter-and-spotify-suffering-outage/

http://www.reuters.com/article/us-cyber-attacks-manufacturers-idUSKCN12O0MS https://techcrunch.com/2016/10/10/hackers-release-source-code-for-a-powerful-ddos-app-called-mirai/ https://github.com/jgamblin/Mirai-Source-Code

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment