Recommend
3 
 Thumb up
 Hide
29 Posts
1 , 2  Next »   | 

BoardGameGeek» Forums » Everything Else » Religion, Sex, and Politics

Subject: Big internet attack this morning: Lets have some fun paranoia rss

Your Tags: Add tags
Popular Tags: [View All]
Mike Stiles
United States
California
flag msg tools
badge
Shaman
Avatar
mbmbmb
So yeah Dyn and AWS got hit today, bringing down the internet for most of the US east coast:

So here's 2 questions:

Any RSP'ers get hit with this?

Also, who do you think is responsible? (I'm gonna say... Russia!)

I know early speculation is irresponsible, but hell, we're RSP :D
3 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Sam I am
United States
Portage
Michigan
flag msg tools
What did I tell you...
badge
NO PICKLE!
Avatar
mbmbmbmbmb
Last gasp effort by Russia to create chaos so Putin's gal-pal can get elected?
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Mike Stiles
United States
California
flag msg tools
badge
Shaman
Avatar
mbmbmb
rcbevco wrote:
Last gasp effort by Russia to create chaos so Putin's gal-pal can get elected?


Honestly, given the size an effectiveness, I presume it's a test attack by *some* state actor to see if they can do it and how disruptive it would be.

I'll tell you, our players were NOT pleased :p
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Sam I am
United States
Portage
Michigan
flag msg tools
What did I tell you...
badge
NO PICKLE!
Avatar
mbmbmbmbmb
Nerd rage trolling?
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Mike Stiles
United States
California
flag msg tools
badge
Shaman
Avatar
mbmbmb
rcbevco wrote:
Nerd rage trolling?


There were... complaints :p
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Sam I am
United States
Portage
Michigan
flag msg tools
What did I tell you...
badge
NO PICKLE!
Avatar
mbmbmbmbmb
windsagio wrote:
So yeah Dyn and AWS got hit today, bringing down the internet for most of the US east coast.

This is going to show my age but... WTF are Dyn & AWS?
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Mike Stiles
United States
California
flag msg tools
badge
Shaman
Avatar
mbmbmb
rcbevco wrote:
windsagio wrote:
So yeah Dyn and AWS got hit today, bringing down the internet for most of the US east coast.

This is going to show my age but... WTF are Dyn & AWS?


Dyn is a big backend service provider. I'll admit I hadn't heard of them either until looking into the attacks.

AWS is amazon web services, I'll let wiki do the talking.

https://en.wikipedia.org/wiki/Amazon_Web_Services

Either way they do DNS and server support for a HUGE swath of sites and products.
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Josh
United States
Pennsylvania
flag msg tools
Avatar
mbmbmbmbmb
I didn't notice.
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Paul DeStefano
United States
Long Island
New York
flag msg tools
designer
badge
It's a Zendrum. www.zendrum.com
Avatar
mbmbmbmbmb
It lasted maybe 2 minutes for me. I didn't think it was an attack, just a service blip.
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls

Madison
Wisconsin
msg tools
badge
Avatar
mbmbmbmbmb
windsagio wrote:
So yeah Dyn and AWS got hit today, bringing down the internet for most of the US east coast:

So here's 2 questions:

Any RSP'ers get hit with this?

Also, who do you think is responsible? (I'm gonna say... Russia!)

I know early speculation is irresponsible, but hell, we're RSP


Some BGGers got boxed out of MM's sale. Hate and hilarity ensued.



1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls

Madison
Wisconsin
msg tools
badge
Avatar
mbmbmbmbmb
Geosphere wrote:
It lasted maybe 2 minutes for me. I didn't think it was an attack, just a service blip.


Declared as an DOS attack by the targets, so I'll chalk it up to premeditated action.

1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Mark Hamzy
United States
Round Rock
Texas
flag msg tools
Ace race, baby!
badge
I, for one, welcome your mouse pointer.
Avatar
mbmbmbmbmb
windsagio wrote:

Any RSP'ers get hit with this?


DNS resolution for github.com is down which stops git clone... soblue
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
The Seal of Approval
Austria
Vienna
flag msg tools
badge
Avatar
mbmbmbmbmb
hamzy wrote:
windsagio wrote:

Any RSP'ers get hit with this?


DNS resolution for github.com is down which stops git clone... soblue


You might find a solution here: https://www.reddit.com/r/github/comments/58ou7w/while_the_dn...
2 
 Thumb up
1.00
 tip
 Hide
  • [+] Dice rolls
Mike Stiles
United States
California
flag msg tools
badge
Shaman
Avatar
mbmbmb
hamzy wrote:
windsagio wrote:

Any RSP'ers get hit with this?


DNS resolution for github.com is down which stops git clone... :soblue:


That... is annoying.
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Mark Hamzy
United States
Round Rock
Texas
flag msg tools
Ace race, baby!
badge
I, for one, welcome your mouse pointer.
Avatar
mbmbmbmbmb
Asperamanca wrote:
hamzy wrote:
windsagio wrote:

Any RSP'ers get hit with this?


DNS resolution for github.com is down which stops git clone... soblue


You might find a solution here: https://www.reddit.com/r/github/comments/58ou7w/while_the_dn...



[hamzy@hamzy-tp-w540 ~]$ cd /tmp
[hamzy@hamzy-tp-w540 tmp]$ git clone http://github.com/openstack-infra/ciwatch
Cloning into 'ciwatch'...
^C
[hamzy@hamzy-tp-w540 tmp]$ sudo vi /etc/hosts
[hamzy@hamzy-tp-w540 tmp]$ git clone http://github.com/openstack-infra/ciwatch
Cloning into 'ciwatch'...
remote: Counting objects: 213, done.
remote: Total 213 (delta 0), reused 0 (delta 0), pack-reused 213
Receiving objects: 100% (213/213), 48.75 KiB | 0 bytes/s, done.
Resolving deltas: 100% (127/127), done.
Checking connectivity... done.


\o/

PS: I know Open Stack has their own servers... this was just an example...
2 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Shawn Fox
United States
Richardson
Texas
flag msg tools
Question everything.
Avatar
mbmbmbmbmb
So the Russians are mad that Julian Assange lost his internet access?
3 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Chris Binkowski
United States
Rochester
Michigan
flag msg tools
mbmbmb
I suspect the first actual Russian attack on our internet access would precede some inbound ICBMs.

What do you think was gained for Russia to do this? Take down Twitter for a bit? Any strategic value?
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Donald
United States
New Alexandria
Pennsylvania
flag msg tools
Avatar
mbmbmbmbmb
Sarxis wrote:
I suspect the first actual Russian attack on our internet access would precede some inbound ICBMs.

What do you think was gained for Russia to do this? Take down Twitter for a bit? Any strategic value?


Only way to keep their boy Trump from making anymore embarrassing tweets.


4 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Mike Stiles
United States
California
flag msg tools
badge
Shaman
Avatar
mbmbmb
Sarxis wrote:
I suspect the first actual Russian attack on our internet access would precede some inbound ICBMs.

What do you think was gained for Russia to do this? Take down Twitter for a bit? Any strategic value?


On a more serious note, it's a strong test-of-concept for how viable it is and how much damage it does.
4 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Grand Admiral Thrawn
United States
New Jersey
flag msg tools
badge
Avatar
mbmbmbmbmb
I didn't notice because our workplace technology always fails. Lol.
2 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Eric Knauer
United States
Heathrow
Florida
flag msg tools
Avatar
mbmbmbmbmb
https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powe...

Quote:
At first, it was unclear who or what was behind the attack on Dyn. But over the past few hours, at least one computer security firm has come out saying the attack involved Mirai, the same malware strain that was used in the record 620 Gpbs attack on my site last month. At the end September 2016, the hacker responsible for creating the Mirai malware released the source code for it, effectively letting anyone build their own attack army using Mirai.

Mirai scours the Web for IoT devices protected by little more than factory-default usernames and passwords, and then enlists the devices in attacks that hurl junk traffic at an online target until it can no longer accommodate legitimate visitors or users.

According to researchers at security firm Flashpoint, today’s attack was launched at least in part by a Mirai-based botnet. Allison Nixon, director of research at Flashpoint, said the botnet used in today’s ongoing attack is built on the backs of hacked IoT devices — mainly compromised digital video recorders (DVRs) and IP cameras made by a Chinese hi-tech company called XiongMai Technologies. The components that XiongMai makes are sold downstream to vendors who then use it in their own products.

“It’s remarkable that virtually an entire company’s product line has just been turned into a botnet that is now attacking the United States,” Nixon said, noting that Flashpoint hasn’t ruled out the possibility of multiple botnets being involved in the attack on Dyn..."

5 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Chapel
United States
Round Rock
Texas
flag msg tools
badge
"Don't be humble... you're not that great."
Avatar
mbmbmb
I love how the attacks are coming from printers, security cameras, and thermostats.

7 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Michael Carter
United States
Marion
Iowa
flag msg tools
Avatar
mbmbmbmbmb
I imagine this was a test run for something bigger. IoT devices are a potentially easy target since manufacturers tend to stop updating the software after only a few years.
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
The Seal of Approval
Austria
Vienna
flag msg tools
badge
Avatar
mbmbmbmbmb
mlcarter815 wrote:
I imagine this was a test run for something bigger. IoT devices are a potentially easy target since manufacturers tend to stop updating the software after only a few years.


They provide updates? Like...ever?
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Jorge Montero
United States
St Louis
Missouri
flag msg tools
badge
I'll take Manhattan in a garbage bag. With Latin written on it that says "It's hard to give a shit these days"
Avatar
mbmbmbmbmb
Given how easy it is to create a 500Gbps botnet these days, speculation is not going to get us anywhere.

What I worry about is that this problem is only going to get worse. I'd be surprised if by next year, a sophisticated attacker can throw 100Tbs at a target, which would take out almost anything.

Today we have groups threatening to DDoS unless they are paid protection money, but for the most part, they are all just empty threats, incapable of throwing enough bandwidth to take down serious businesses. Those people will get enough power to be scary soon enough too. That's not going to be pretty, and government reaction to it is not going to be pretty either.

The incentives are all in the wrong places for the market to fix this too: A weak IoT device is not going to make a dent to its owner's bandwidth in a DDoS attack. The manufacturer? Go talk to China. Our best bet would be ISPs collaborating with each other and traffic shaping the attacks as close to the origin as possible. But unless they are attacked themselves, who is going to make them care?
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
1 , 2  Next »   | 
Front Page | Welcome | Contact | Privacy Policy | Terms of Service | Advertise | Support BGG | Feeds RSS
Geekdo, BoardGameGeek, the Geekdo logo, and the BoardGameGeek logo are trademarks of BoardGameGeek, LLC.