nanog mailing list archives

Re: Dyn DDoS this AM?

From: Mike Hammett <nanog () ics-il net>
Date: Fri, 21 Oct 2016 11:01:27 -0500 (CDT)

Are there sites that can test your BCP38\84 compliance? I'm okay, but interested in what I can share to raise 
awareness. 




----- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

----- Original Message -----

From: "Patrick W. Gilmore" <patrick () ianai net> 
To: "NANOG list" <nanog () nanog org> 
Sent: Friday, October 21, 2016 10:48:21 AM 
Subject: Re: Dyn DDoS this AM? 

I cannot give additional info other than what’s been on “public media”. 

However, I would very much like to say that this is a horrific trend on the Internet. The idea that someone can mention 
a DDoS then get DDoS’ed Can Not Stand. See Krebs’ on the Democratization of Censorship. See lots of other things. 

To Dyn and everyone else being attacked: 
The community is behind you. There are problems, but if we stick together, we can beat these miscreants. 

To the miscreants: 
You will not succeed. Search "churchill on the beaches”. It’s a bit melodramatic, but it’s how I feel at this moment. 

To the rest of the community: 
If you can help, please do. I know a lot of you are thinking “what can I do?" There is a lot you can do. BCP38 & BCP84 
instantly come to mind. Sure, that doesn’t help Mirai, but it still helps. There are many other things you can do as 
well. 

But a lot of it is just willingness to help. When someone asks you to help trace an attack, do not let the request sit 
for a while. Damage is being done. Help your neighbor. When someone’s house is burning, your current project, your 
lunch break, whatever else you are doing is almost certainly less important. If we stick together and help each other, 
we can - we WILL - win this war. If we are apathetic, we have already lost. 


OK, enough motivational speaking for today. But take this to heart. Our biggest problem is people thinking they cannot 
or do not want to help. 

-- 
TTFN, 
patrick

On Oct 21, 2016, at 10:55 AM, Chris Grundemann <cgrundemann () gmail com> wrote: 

Does anyone have any additional details? Seems to be over now, but I'm very 
curious about the specifics of such a highly impactful attack (and it's 
timing following NANOG 68)... 

https://krebsonsecurity.com/2016/10/ddos-on-dyn-impacts-twitter-spotify-reddit/ 

-- 
@ChrisGrundemann 
http://chrisgrundemann.com

Current thread:

Dyn DDoS this AM? Chris Grundemann (Oct 21)
- Re: Dyn DDoS this AM? Patrick W. Gilmore (Oct 21)
  - RE: Dyn DDoS this AM? rar (Oct 21)
    - RE: Dyn DDoS this AM? Brandon Ross (Oct 21)
  - Re: Dyn DDoS this AM? Mike Hammett (Oct 21)
    - Re: Dyn DDoS this AM? Roland Dobbins (Oct 21)
    - Re: Dyn DDoS this AM? Steve Meuse (Oct 21)
    - Re: Dyn DDoS this AM? Patrick W. Gilmore (Oct 21)
  - Re: Dyn DDoS this AM? Patrick W. Gilmore (Oct 21)
    - Re: Dyn DDoS this AM? Alain Hebert (Oct 21)
    - Re: Dyn DDoS this AM? Jared Mauch (Oct 24)
    - Re: Dyn DDoS this AM? David Hubbard (Oct 21)
    - Re: Dyn DDoS this AM? Patrick W. Gilmore (Oct 21)
    - Re: Dyn DDoS this AM? Yang Yu (Oct 21)
  - Re: Dyn DDoS this AM? Brian Davies via NANOG (Oct 21)

(Thread continues...)