[192183] in North American Network Operators' Group
Re: Dyn DDoS this AM?
daemon@ATHENA.MIT.EDU (George William Herbert)
Sat Oct 22 02:37:23 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <FA5F3576-A898-4EE5-B643-FC381A159BE0@semihuman.com>
From: George William Herbert <george.herbert@gmail.com>
Date: Fri, 21 Oct 2016 23:37:17 -0700
To: Chris Woodfield <rekoil@semihuman.com>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
Oh god, you invoked @popehat ...
[dyndds and its customers sue XiongMai, the OEM integrators, and Does 1-10,0=
00,000 who own the devices for neglegence?...]
Sent from my iPhone
> On Oct 21, 2016, at 8:29 PM, Chris Woodfield <rekoil@semihuman.com> wrote:=
>=20
> As a Twitter network engineer (and the guy Patrick let camp out in your h=
otel room all day) - thank you for this. Whoever was behind this just poked a=
hornet=E2=80=99s nest.=20
>=20
> =E2=80=9CGovern yourselves accordingly=E2=80=9D.
>=20
> -C
>=20
> (Obviously speaking for myself, not my employer=E2=80=A6)
>=20
>> On Oct 21, 2016, at 10:48 AM, Patrick W. Gilmore <patrick@ianai.net> wrot=
e:
>>=20
>> I cannot give additional info other than what=E2=80=99s been on =E2=80=9C=
public media=E2=80=9D.
>>=20
>> However, I would very much like to say that this is a horrific trend on t=
he Internet. The idea that someone can mention a DDoS then get DDoS=E2=80=99=
ed Can Not Stand. See Krebs=E2=80=99 on the Democratization of Censorship. S=
ee lots of other things.
>>=20
>> To Dyn and everyone else being attacked:
>> The community is behind you. There are problems, but if we stick together=
, we can beat these miscreants.
>>=20
>> To the miscreants:
>> You will not succeed. Search "churchill on the beaches=E2=80=9D. It=E2=80=
=99s a bit melodramatic, but it=E2=80=99s how I feel at this moment.
>>=20
>> To the rest of the community:
>> If you can help, please do. I know a lot of you are thinking =E2=80=9Cwha=
t can I do?" There is a lot you can do. BCP38 & BCP84 instantly come to mind=
. Sure, that doesn=E2=80=99t help Mirai, but it still helps. There are many o=
ther things you can do as well.
>>=20
>> But a lot of it is just willingness to help. When someone asks you to hel=
p trace an attack, do not let the request sit for a while. Damage is being d=
one. Help your neighbor. When someone=E2=80=99s house is burning, your curre=
nt project, your lunch break, whatever else you are doing is almost certainl=
y less important. If we stick together and help each other, we can - we WILL=
- win this war. If we are apathetic, we have already lost.
>>=20
>>=20
>> OK, enough motivational speaking for today. But take this to heart. Our b=
iggest problem is people thinking they cannot or do not want to help.
>>=20
>> --=20
>> TTFN,
>> patrick
>>=20
>>> On Oct 21, 2016, at 10:55 AM, Chris Grundemann <cgrundemann@gmail.com> w=
rote:
>>>=20
>>> Does anyone have any additional details? Seems to be over now, but I'm v=
ery
>>> curious about the specifics of such a highly impactful attack (and it's
>>> timing following NANOG 68)...
>>>=20
>>> https://krebsonsecurity.com/2016/10/ddos-on-dyn-impacts-twitter-spotify-=
reddit/
>>>=20
>>> --=20
>>> @ChrisGrundemann
>>> http://chrisgrundemann.com
>=20
