Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
The Internet

Several Sites Including Twitter, GitHub, Spotify, PayPal, NYTimes Suffering Outage -- Dyn DNS Under DDoS Attack [Update] (techcrunch.com) 264

Several popular websites and services are down right now for many users. The affected sites include Twitter, SoundCloud, Spotify, and PayPal among others. The cause appears to be a sweeping outage of DNS provider Dyn -- which in turn is under DDoS attack, according to an official blog post. From a TechCrunch report:Other sites experiencing issues include Box, Boston Globe, New York Times, Github, Airbnb, Reddit, Freshbooks, Heroku and Vox Media properties. Users accessing these sites might have more or less success depending on where they're located, as some European and Asian users seem not to be encountering these issues. Last month, Bruce Schneier warned that someone was learning how to take down the internet. Update: 10/21 14:41 GMT by M : Dyn says that it has resolved the issue and sites should function normally. Update: 10/21 17:04 GMT by M : Department of Homeland Security says it is aware of the first DDoS attack on Dyn today and "investigating all potential causes." Dyn says it is still under DDoS attack. News outlet The Next Web says it is also facing issues. Any website that uses Dyn's service -- directly or indirectly -- is facing the issue. Motherboard has more details. Update: 10/21 17:57 GMT by M : It seems even PlayStation Network is also hit. EA Sports Games said it is aware of the issues in live-play. Dyn says it is facing a second round of DDoS attacks.

Update: 10/21 18:45 GMT by M : U.S. government probing whether east coast internet attack was a 'criminal act' - official.

Editor's note: the story is being updated as we learn more. The front page was updated to move this story up. Are you also facing issues? Share your experience in the comments section below.
This discussion has been archived. No new comments can be posted.

Several Sites Including Twitter, GitHub, Spotify, PayPal, NYTimes Suffering Outage -- Dyn DNS Under DDoS Attack [Update]

Comments Filter:
  • by Feneric ( 765069 ) on Friday October 21, 2016 @08:11AM (#53121679) Homepage
    It's hard to tweet that Twitter is down when Twitter is down.
  • The main page loads but the comic image itself doesn't work.

  • These large sites couldn't host their own dns? Really?
    • Re:Dns (Score:4, Informative)

      by omnichad ( 1198475 ) on Friday October 21, 2016 @08:24AM (#53121771) Homepage

      The thing about DNS is that to get the best speed, you want the nodes distributed as far and wide as possible. And you don't want it on the same servers as your main service. So it's either a different department or a different company - guess which one is cheaper.

      • I can't see milliseconds making that big of a difference. Especially for a music streaming site where most of it is a long transfer. Oh well you get what you pay for it guess.
        • Try an ISP DNS server sometime. Before I remembered to change DNS after upgrading my router, I would get 2+ seconds of latency on every single page load before anything would happen at all. Even running my own DNS server and every query going straight to the root servers takes less time than that.

      • by guruevi ( 827432 )

        If it were truly distributed this wouldn't happen as DNS has inherent failovers. This is just an example of using "the cloud" box.net and other enterprise cloud software is also down. They're all using the same providers which is not as distributed as it promises.

        • DDoS attacks are distributed too - it's in the name. And each bot will hit the closest server if the DNS system is using Anycast or similar.

          • Re:Dns (Score:5, Insightful)

            by guruevi ( 827432 ) on Friday October 21, 2016 @01:32PM (#53124437)

            Yes, but the problem here is all these services are using a singular DNS service which is under attack.

            A good decade and a half ago, when I was part of a hosting company, we had the DNS for our customers across 3 or 4 different providers. That way, if for whatever reason one provider went out of business, the domains would continue to operate.

            The problem is this:
            Github.com:
                  Name Server: NS1.P16.DYNECT.NET
                  Name Server: NS2.P16.DYNECT.NET
                  Name Server: NS3.P16.DYNECT.NET
                  Name Server: NS4.P16.DYNECT.NET

            Twitter.com
                  Name Server: NS1.P34.DYNECT.NET
                  Name Server: NS2.P34.DYNECT.NET
                  Name Server: NS3.P34.DYNECT.NET
                  Name Server: NS4.P34.DYNECT.NET

            Box.net
            Name Server: ns3.p05.dynect.net
            Name Server: ns1.p05.dynect.net
            Name Server: ns2.p05.dynect.net
            Name Server: ns4.p05.dynect.net

            If for whatever reason DynDNS pulls the plug (which they have a history of for reasons of profit and incompetence), all these sites are down. It doesn't matter whether or not you're using Unicast or Anycast, if your provider 'dies' (or it's host providers like Amazon which also has a history of major outages) then your domain dies. And before you get all your glue records fixed, you're out at least 48-72 hours.

            • I don't disagree with any of that. A company that large should be using multiple.

            • The problem is this:
              Github.com:
              Name Server: NS1.P16.DYNECT.NET
              Name Server: NS2.P16.DYNECT.NET
              Name Server: NS3.P16.DYNECT.NET
              Name Server: NS4.P16.DYNECT.NET
              ...

              There's nothing wrong with having all your DNS servers under the same subdomain. What matters is what IP addresses those names resolve to. I've seen primary and secondary DNS servers that aren't even on different IPV4 subnets, never mind geographically distant ones.

              • by DaHat ( 247651 )

                There is when say... the DNS server which handles authoritative lookups of DYNECT.NET and related sub domains is overwhelmed or down.

            • Yes, but the problem here is all these services are using a singular DNS service which is under attack.

              Well it doesn't take a genius to see that won't be the case much longer.

  • ....I'm bumping along nicely on Spotify right now... Must have cached the DNS entries since I go there a lot.

  • According to Dyn: "This attack is mainly impacting US East and is impacting Managed DNS customers in this region."

    The PC in my flat (in the UK - on a free dyndns.org address) is alive and well and talking to the outside world.

    As usual - someone has assuming that the US = the whole world - learn some fucking geography!

  • DynECT is a dinosaur (Score:5, Interesting)

    by Anonymous Coward on Friday October 21, 2016 @08:37AM (#53121913)

    Working at a medium traffic startup, DynECT always insisted that their service was worth a lot[1] more money than AWS's Route 53 or Google's Cloud DNS because unlike AWS or Google they had never had a service outage and boasted 100% uptime since their company was founded.

    Looks like we made the right choice going with Route 53 instead of these guys.

    1. Seriously, they wanted 5,000 USD/mo when AWS charges 8 USD/mo for the same service.

  • by known_coward_69 ( 4151743 ) on Friday October 21, 2016 @08:37AM (#53121915)

    Tried to reload my card via the app and couldn't. had to pay for my drink with a credit card. The shame

  • But it is backup and functioning again.
  • I've been doing end user computing for quite a while, and we've gone through so many cycles of "where the client intelligence lives" or "where the virtual desktop is hosted" and everyone oscillates between two extremes. PCs to zero clients usually ends up being a mix of laptops and thin clients in the end. All VDI ends up being some VDI after some very expensive POCs in most cases. I guess the same debate of "host it yourself vs. rely on a cloud provider" is alive and well here. I see it every day where I w

    • by ZenShadow ( 101870 ) on Friday October 21, 2016 @10:10AM (#53122555) Homepage

      The dynamics of this issue have changed considerably.

      Five years or so ago, going offline was a Big Deal. Nowadays, people (both users and CxO's) don't seem to care as much; outages are transient, and accepted as a part of the cost of doing business. It's kinda sad for those of us who build high availability systems, but at the same time it's probably a lot more realistic for the budgets of most businesses.

      Part of it, IMO, is that the Internet has been around long enough now (in a commercial sense) that the users are finally more prone to saying "my Internet is down" than "my Twitter is down".

      Perception is everything.

  • i just been there a moment ago, works fine, pages load quickly and completely
  • Forget the sites the articles mention. I was having very serious troubles getting to the Guardian's site, pictures not loading, and worse, I couldn't even log onto my hosting provider.

    Now, I'm on Verizon FIOS, and my system (Linux, a real o/s) couldn't even ping hostmonster.com, it couldn't find the name, until I manual added nameserver 8.8.8.8 (one of google's) to my resolv.conf. Then it started working.

    That tells me that it was overloading nameservers in a *LOT* of places.

              mark

    • by whitroth ( 9367 )

      Also, I'm wondering how much of this is political - I cannot reach Paul Krugman's blog in the NYT.

              mark

  • From this: http://www.wnd.com/2016/10/rus... [wnd.com]

    Joe Biden told NBC a “message” would be sent to Russian President Vladimir Putin over the alleged hacking, with the channel saying the CIA was preparing a retaliatory cyber attack “designed to harass and ’embarrass’ the Kremlin leadership.”

    Kremlin spokesman Dmitry Peskov immediately denounced Biden’s remarks, saying Moscow would take precautions to safeguard its interests in the face of the increasing “unpredictability and aggressiveness of the United States”.

    • That does seem like something the US would do: try to take retaliatory international action, end up shooting itself in the foot. We've never been particularly good at international relations.
  • It's not like we accidentally gave botnet creators millions of more devices to use as processing power for DDoS. Right?
  • by No Longer an AC ( 4611353 ) on Friday October 21, 2016 @02:22PM (#53124961) Journal

    Not that I care much. I have 2 twitter accounts, one for my cat and one so I can keep up with the latest inane things that Jeremy Clarkson, Neil DeGrasse Tyson and John McAffee say and McAffee is kind of annoying so I'm thinking of unfollowing him

    I'm sure the NYTimes will be up by the time I want to click on a link to them if they're not up already.

    Reddit seems to be working as does Fark, YouTube and Netflix. I know those last three weren't mentioned but I frequent those sites.

    Disqus is down if anyone but trolls care.

    LOL, I just put in nytimes.com and got an attempted browser hijack. I got about 5 pop-ups trying to scare me. I managed to close them too fast to read exactly what they said.

  • Beanstalkapp is down for us here (prairie region of Canada). Beanstalkapp is a git repository similar to GitHub and Bitbucket, kinda important when you are a development shop. Twitter is down too. Current time is 1:30pm MDT.

  • At the very least it's criminal mischief -- denying someone the legal use of their property. You can add all sorts of cyber crimes to the pool as well -- like using zombie servers means accessing (hundreds of) thousands of people's computers without authorization or permission.

    The next thing to look at is whether or not this is just a dress rehearsal for a real attack. My guess is that this is just a test... They want to know what it takes to shut down a chunk of the internet. Next time will be the

Time is the most valuable thing a man can spend. -- Theophrastus

Working...