odis172Premium
join:2010-01-18
Nepean, ON | reply to squircle
Re: DNS Outage Same here in Gatineau.
did a dns lookup in pfsense for www.ncix.com:
206.248.154.22 No response
206.248.154.170 No response
8.8.8.8 44 msec |
|
 TSI GabePremium,VIP
join:2007-01-03
Chatham, ON
kudos:2 | Quite plainly we got a message that someone was unhappy with the copyright issue and is now DDoS attacking us.
We are working on it. |
|
 zacronPremium
join:2008-11-26
canada | ROFL... Sometimes people are stupid. I wish they'd think before doing something like this as it will have NO effect on the outcome of the case. --- I can fix anything; except stupid
--
"Recognize, Realize, and Repent" |
|
|
|
| reply to TSI Gabe
well, there's one user Teksavvy should be taking to court  |
|
| reply to TSI Gabe
Thank you ....I see the problem on my side also from Orleans Ontario.
Good luck! |
|
| reply to enzymes
I suppose you can find this disgruntled client and give him a verbal slap on my behalf. Either that, you maybe you can at least tell him to aim his DDoS cannons at someone who doesn't affect my connection.
Thanks to TSI and other users here for keeping us all updated.
Thanks to this I've downloaded set dns tool for the android devices, too. |
|
| here is google dns. You can use is alternatively if somebody wants to keep using internet. Its fast and reliable.
8.8.8.8 or 8.8.4.4 |
|
| reply to sheekeebut
Speaking of disgruntled clients, has anyone tried jumping onto the voltage pictures llc site right now? I think most of the attacks seem to be headed thataway. |
|
| reply to TSI Gabe
Re: DNS Outage Ha! Obviously with their mentality of entitlement they deserve to pay the maximum penalty! Hope their dumbass gets nailed  |
|
| reply to TSI Gabe
Has there been any discussion of splitting the DNS into:
- publicly accessible forward/reverse authoritative servers
- subscriber-only accessible caching servers (with appropriate egress/ingress filtering on the network perimeter)
So the next time your DNS gets DDoSed, the architecture of your DNS will limit the damage a non-subscriber can do to your average subscriber's Internet connectivity? |
|
zacronPremium
join:2008-11-26
canada | That adds a layer of complication to things... But if it works then let's do it 
--
"Recognize, Realize, and Repent" |
|
| reply to dnsoutaage
said by dnsoutaage :here is google dns. You can use is alternatively if somebody wants to keep using internet. Its fast and reliable.
8.8.8.8 or 8.8.4.4
Not sure I like Google getting even more info about our surfing habits.
But configuring a backup DNS server or 2 is definitely a good idea
Currently using something like this.
DNS1 Teksavvy
DNS2 OpenDNS
DNS3 Comodo |
|
brad
join:2007-09-06
Etobicoke, ON | reply to zacron
said by zacron:That adds a layer of complication to things... But if it works then let's do it
It does not and that's the way a knowledgeable admin should be doing things anyway. |
|
| reply to derekm
said by derekm:Has there been any discussion of splitting the DNS... I'll take the lack of official response as a 'no'. |
|
TSI GabePremium,VIP
join:2007-01-03
Chatham, ON
kudos:2 | We already have exactly those things. |
|
| That's good!
How were the servers able to be DDoS'd if they were accessible only by subscribers though?
Does that mean a particular subscriber was attacking your server from within your network?
I know there are some DNS amplification attacks they could probably do (that you might call a DDoS), but that seems like a terrible idea, on their part - and easy to fix on yours (i.e. terminate their connection, follow up with legal).
Maybe I don't understand, or maybe the attacker was really dumb. |
|
