[156227] in North American Network Operators' Group
RE: Heads-Up: GoDaddy Broke the Interwebs...
daemon@ATHENA.MIT.EDU (Drew Weaver)
Wed Sep 12 16:14:11 2012
From: Drew Weaver <drew.weaver@thenap.com>
To: 'Naveen Nathan' <naveen@lastninja.net>
Date: Wed, 12 Sep 2012 16:13:15 -0400
In-Reply-To: <20120912064357.GF54523@armakuni.lastninja.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
I just wanted to make one quick point.
Cloudflare is not a competitor of GoDaddy in any sense except that they are=
"involved in DNS" and they both have a web site.
CloudFlare has also been known to "give up" and dump small to medium sized =
PPS attacks onto the end target without notification and there doesn't seem=
to be any threshold or policy in place for when they do that.
Thanks,
-Drew
-----Original Message-----
From: Naveen Nathan [mailto:naveen@lastninja.net]=20
Sent: Wednesday, September 12, 2012 2:44 AM
To: nanog@nanog.org
Subject: Re: Heads-Up: GoDaddy Broke the Interwebs...
> we do not know what happened. we have an apology, not an explanation=20
> or reasonable post mortem. all else is conjecturbation.
Agreed. And as Chris and Kyle pointed out, there is no indication that the =
problems were present in the BGP DFT, and the issues could've occured over =
iBGP. I completely concur with this, and do not preclude it as an explanati=
on.
But I would just like to put this out there.
In the past, GoDaddy has clashed with the Internet due to their initial sta=
nce on SOPA, which resulted in a noticeable loss of customers and generated=
a significant amount of bad press.
Now, there's a lot of conjecture as to what caused their outage.
But the most harm to GoDaddy would be reporting that they had a security br=
each or DoS/DDoS attack which would instill fear in their customer base.
The major media outlets had already picked this up and started to report fo=
ul play by Anonymous, denial of service attacks, or whatever.
To save face, it would make the most sense not to mention that a security b=
reach or DoS/DDoS attack occured. Indicating a security breach would be imm=
ediate concern for any customer. If it was a DoS/DDoS attack, they're basic=
ally admitting that they don't have an infrastructure capable of withstandi=
ng or mitigating such attacks (which competitors such as Cloudfare do claim=
). So the best option would be to spread disinformation if either occured, =
and offer /generous/ service credit to earn back customer goodwill and conf=
idence.
This is simply why I remain skeptical. And as I said earlier, it would be n=
ice to receive more information of what actually happened, if GoDaddy, or a=
nyone in the know with GoDaddy, would oblige.
- Naveen
