Factorio Forums

Alrighty, So DynDNS is a company known for hosting a large chunk of DNS for a lot of companies. Well they are having a huge DDOS attack at the moment and people are having issues. Factorio uses Heroku for its servers and such and Heroku uses DynDNS. You can see where this is going..

Basically, DynDNS being DDOS'd, Disriupts Heroku, Factorio doesn't work for some people and you can't login or do other such processes.

Awww, I wanted to tell everyone about it... "Dyn DNS is facing a massive DDoS attack that’s resulting in a widespread service outage. Many websites are facing partial or complete downtime. While Dyn DNS continues to face the DDoS attack, the forces behind the same remain unknown."

Paypal is also down due to the attack.

So is twitter.

I've heard that Google DNS and OpenDNS were being targetted as well, with users of these public DNS services facing poor or no connectivity.

I work for a company that offers services much like Heroku's and OH MY GOD THIS IS KILLING ME WTF WHY IS EVERYTHING BROKEN PEOPLE CAN'T DEPLOY THE WORLD IS ENDING SEND HELP PLEASE!

Seriusly though, f**k the people that are doing this DDoS. It's not that it took down the web (which it did and is kinda impressive) but that it has caused soooooo many issues for me at work

hmm..does nobody put a backup DNS address for when their primary is having problems? I use DynDNS, but when it can't be reached my IP configuration is set to use my ISPs DNS server as a backup. I didn't even know there was a problem until I heard about it in the news, and I am online pretty much all the time when I am not sleeping.

Just for the benefit of those of us who are not familiar with this part of the internet, why do people invest time effort and money to carry out DDOS attacks that bring down public DNSs? I get that evil "cyber criminals" send out malicious emails and add and such to recruit the computers and devices of those daft enough to click dodgy links (or perhaps covertly assume control if the programmer knew his stuff) and then hire out their bot net, but why do people pay for the service? Is it competitors doing business like it's 1950s Chicago? Or perhaps pubescent kids trying to hurt businesses with their pocket money. Why not conspiracy nuts who think that Twitter and Facebook are controlling our minds and bringing down their servers will free us, so they're saving the world.

I could go on, but the examples would only get more wacky and I run the risk of offending someone accidentally, truth is, I really have no idea, and a curiosity to boot.

Thegrover wrote:Why not conspiracy nuts who think that Twitter and Facebook are controlling our minds and bringing down their servers will free us, so they're saving the world.

You got it in the end

Thegrover wrote:Just for the benefit of those of us who are not familiar with this part of the internet, why do people invest time effort and money to carry out DDOS attacks that bring down public DNSs? I get that evil "cyber criminals" send out malicious emails and add and such to recruit the computers and devices of those daft enough to click dodgy links (or perhaps covertly assume control if the programmer knew his stuff) and then hire out their bot net, but why do people pay for the service? Is it competitors doing business like it's 1950s Chicago? Or perhaps pubescent kids trying to hurt businesses with their pocket money. Why not conspiracy nuts who think that Twitter and Facebook are controlling our minds and bringing down their servers will free us, so they're saving the world.

I could go on, but the examples would only get more wacky and I run the risk of offending someone accidentally, truth is, I really have no idea, and a curiosity to boot.

A large portion is essentially used as extortion. You bring some company to its knees, request a pile of bitcoins to make it stop. That said, I have not heard what the motivation behind the dyndns attack is.
Other possibilities beyond extortion:
Cover up/distract from a different attack. If they are buried under the DDOS, maybe nobody notices a smaller targeted attack.
You can affect the stock markets to some degree, as the affected companies are likely to take some sort of hit. The attacker takes a short position, or buys low during/shortly after the attack, assuming the company will recover.
I don't think these attacks are caused by a state actor, but if they are then it could be for propaganda reasons. Or just hurt your enemies in a way that's difficult to trace.

Good article on it here: http://arstechnica.com/information-tech ... -internet/

Good thing I run a huge DNS cache on my Unraid hypervisor.

It's only accessible over localhost so I'm not part of the source IP spoof attacks that were happening.

GlassDeviant wrote:hmm..does nobody put a backup DNS address for when their primary is having problems? I use DynDNS, but when it can't be reached my IP configuration is set to use my ISPs DNS server as a backup. I didn't even know there was a problem until I heard about it in the news, and I am online pretty much all the time when I am not sleeping.

Per RFC specification, all DNS zones must be served by two physically unique pieces of equipment. It is recommended to install these two or more servers in different regions of the world, or at least different facilities. Like so if one fails the other will pick up the load.

In this case the attack was sufficiently large to overwhelm all of DynDNS's servers at the same time, making the DNS records they were serving unavailable to people who did not have them cached in a resolver between them and Dyn.

Interestingly enough, my own websites are registered via Dyn and rely on Dyn to provide glue records so that requests for my sites are directed to my own servers- who speak for themselves when it comes to DNS. I was able to reach all of the sites I host during the outage, but I am under the impression that anyone who didn't have the glue records cached would have been unable to reach me.

Thegrover wrote:Just for the benefit of those of us who are not familiar with this part of the internet, why do people invest time effort and money to carry out DDOS attacks that bring down public DNSs? I get that evil "cyber criminals" send out malicious emails and add and such to recruit the computers and devices of those daft enough to click dodgy links (or perhaps covertly assume control if the programmer knew his stuff) and then hire out their bot net, but why do people pay for the service? Is it competitors doing business like it's 1950s Chicago? Or perhaps pubescent kids trying to hurt businesses with their pocket money. Why not conspiracy nuts who think that Twitter and Facebook are controlling our minds and bringing down their servers will free us, so they're saving the world.

The truth is, the internet is at war. And has been perpetually at war since the 1990s.

There are many reasons why a DDoS will take place. The most common two types being that a site's content offended someone else, or a troll decided to be a jerk and make it unavailable just to watch its users cry.

Attacks also take place for far more nefarious reasons- silencing whistleblowers, ruining the reputation and finances of rival companies, distracting people from much bigger problems, and the good old mob rule pay us or we'll destroy you.

I've seen attacks take place to bring down highly immoral and illegal content hosted in places where no legal means to remove it exists, and I've been on the recieving end of attacks that I believe were intended to silence me and ruin my business interests.

OdinYggd wrote:…a site's content offended someone…

I find these IP addresses offensive!