Author Topic: Major DDOS attacks today  (Read 10231 times)

0 Members and 1 Guest are viewing this topic.

Offline zaptaTopic starter

  • Super Contributor
  • ***
  • Posts: 6189
  • Country: us
Major DDOS attacks today
« on: October 21, 2016, 10:32:41 pm »
Major DDOS attacks today, including on major sites.

Couldn't access github earlier but it's up again.

http://www.usatoday.com/story/tech/2016/10/21/cyber-attack-takes-down-east-coast-netflix-spotify-twitter/92507806/

I wonder if the timing is related to current events such as blocking Assange's internet access or the tension with Russia.
 

Offline Bud

  • Super Contributor
  • ***
  • Posts: 6877
  • Country: ca
Re: Major DDOS attacks today
« Reply #1 on: October 21, 2016, 11:36:38 pm »
Some kids playing with crappy IoTs.

We had Edward Snowden speaking at a major Security conference here in Toronto couple days back (via a link) , nobody gave shit to try blocking him.
Facebook-free life and Rigol-free shack.
 

Offline David Hess

  • Super Contributor
  • ***
  • Posts: 16544
  • Country: us
  • DavidH
Re: Major DDOS attacks today
« Reply #2 on: October 22, 2016, 01:42:45 am »
We had Edward Snowden speaking at a major Security conference here in Toronto couple days back (via a link) , nobody gave shit to try blocking him.

Snowden has not been peeing into Hillary's Cheerios.

Maybe DynDNS did not pay their DDOS protection money or one of their customers is the target.
 

Offline raptor1956

  • Frequent Contributor
  • **
  • Posts: 868
  • Country: us
Re: Major DDOS attacks today
« Reply #3 on: October 22, 2016, 02:03:45 am »
Wikileaks issued a statement for there guys to stop messing with the internet in the USA.  Assange said "you made your point!"


Brian
 

Offline zaptaTopic starter

  • Super Contributor
  • ***
  • Posts: 6189
  • Country: us
Re: Major DDOS attacks today
« Reply #4 on: October 22, 2016, 05:31:47 am »
Wikileaks issued a statement for there guys to stop messing with the internet in the USA.  Assange said "you made your point!"


Brian
Did Assange imply that he sees this DDOS related to his internet embargo?

As for snowden, he is not disclosing anything new these days.
 

Offline AntiProtonBoy

  • Frequent Contributor
  • **
  • Posts: 988
  • Country: au
  • I think I passed the Voight-Kampff test.
Re: Major DDOS attacks today
« Reply #5 on: October 22, 2016, 05:41:25 am »
Some kids playing with crappy IoTs.

I reckon it's more than that. In the past month Bruce Schneier has been talking about the possibility of someone (i.e. large foreign entities, such as governments) probing the defences of various networking infrastructure. The latest attack might have been part of that test.

https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html
 

Offline vodka

  • Frequent Contributor
  • **
  • Posts: 518
  • Country: es
Re: Major DDOS attacks today
« Reply #6 on: October 22, 2016, 05:56:19 am »
I think that is a preemptive  attack of Putin ,because is very curious that the russians were waiting during days  an  DDOS attack from CIA .
And  resulted that Usa is attacked by the same method that wanted to attack to Rusia :-DD.
 

Offline denverpilot

  • Regular Contributor
  • *
  • Posts: 74
Major DDOS attacks today
« Reply #7 on: October 22, 2016, 05:57:45 am »
https://krebsonsecurity.com/2016/10/source-code-for-iot-botnet-mirai-released/

https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/

Building lots and lots of small Internet of Things devices with poor security practices in them, now has significant consequences.

They'll become someone's bot farm.
 

Offline raptor1956

  • Frequent Contributor
  • **
  • Posts: 868
  • Country: us
Re: Major DDOS attacks today
« Reply #8 on: October 22, 2016, 06:24:31 am »
https://krebsonsecurity.com/2016/10/source-code-for-iot-botnet-mirai-released/

https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/

Building lots and lots of small Internet of Things devices with poor security practices in them, now has significant consequences.

They'll become someone's bot farm.

So, when the whole things falls to the ground it will be the toasters and refrigerators that are behind it.


Brian
 

Online Brumby

  • Supporter
  • ****
  • Posts: 12288
  • Country: au
Re: Major DDOS attacks today
« Reply #9 on: October 22, 2016, 07:08:58 am »

So, when the whole things falls to the ground it will be the toasters and refrigerators that are behind it.


The true face of Skynet is revealed.
 
The following users thanked this post: t2kv

Offline raptor1956

  • Frequent Contributor
  • **
  • Posts: 868
  • Country: us
Re: Major DDOS attacks today
« Reply #10 on: October 22, 2016, 08:02:46 am »

So, when the whole things falls to the ground it will be the toasters and refrigerators that are behind it.


The true face of Skynet is revealed.


If you listen to Elon Musk he's pretty worried about Skynet actually happening...


Brian
 

Offline AntiProtonBoy

  • Frequent Contributor
  • **
  • Posts: 988
  • Country: au
  • I think I passed the Voight-Kampff test.
Re: Major DDOS attacks today
« Reply #11 on: October 22, 2016, 08:23:42 am »
I think Elon should just stick with making cars.
 

Online sleemanj

  • Super Contributor
  • ***
  • Posts: 3020
  • Country: nz
  • Professional tightwad.
    • The electronics hobby components I sell.
Re: Major DDOS attacks today
« Reply #12 on: October 22, 2016, 09:06:10 am »
The number of bots out there trying to compromise your stuff is crazy,  a few weeks ago I had a look in my logs and was surprised just how constantly IP's are trying to log into my personal home workstation via SSH (and failing naturally).

Just today 21 newcomers gave it a shot, mostly from China, a couple Vietnam.

Some nice almost sequential IP's too...

 [ssh] Ban 119.249.54.66
 [ssh] Ban 119.249.54.68
 [ssh] Ban 119.249.54.75
 [ssh] Ban 119.249.54.88
 [ssh] Ban 121.18.238.104
 [ssh] Ban 121.18.238.109
 [ssh] Ban 121.18.238.114
 [ssh] Ban 121.18.238.98
 [ssh] Ban 123.31.34.217
 [ssh] Ban 123.31.41.212
 [ssh] Ban 163.172.16.102
 [ssh] Ban 211.64.120.91
 [ssh] Ban 212.129.2.234
 [ssh] Ban 221.194.44.143
 [ssh] Ban 221.194.47.208
 [ssh] Ban 221.194.47.224
 [ssh] Ban 221.194.47.229
 [ssh] Ban 221.194.47.249
 [ssh] Ban 222.186.21.35
 [ssh] Ban 58.30.52.46
 [ssh] Ban 89.163.224.128
~~~
EEVBlog Members - get yourself 10% discount off all my electronic components for sale just use the Buy Direct links and use Coupon Code "eevblog" during checkout.  Shipping from New Zealand, international orders welcome :-)
 
The following users thanked this post: rx8pilot

Offline dansan

  • Contributor
  • Posts: 11
  • Country: us
Re: Major DDOS attacks today
« Reply #13 on: October 23, 2016, 11:24:17 pm »
The negligence of these vendors is insane.  They are shipping millions of devices that are insecure by default and can be trivially compromised.  To make matters worse, the nature of the devices can make detection and removal difficult or impossible.  People hate intrusive government regulation, but market failures like this practically invite it.
 

Offline batteksystem

  • Regular Contributor
  • *
  • Posts: 167
  • Country: hk
    • My ebay store
Re: Major DDOS attacks today
« Reply #14 on: October 23, 2016, 11:53:57 pm »
The negligence of these vendors is insane.  They are shipping millions of devices that are insecure by default and can be trivially compromised.  To make matters worse, the nature of the devices can make detection and removal difficult or impossible.  People hate intrusive government regulation, but market failures like this practically invite it.

Unless you can convince consumer that their priority is security, but not "how can I login to this damn thing, ah admin admin"

Offline TheNewLab

  • Frequent Contributor
  • **
  • Posts: 290
  • Country: us
Re: Major DDOS attacks today
« Reply #15 on: October 24, 2016, 06:58:49 am »
Right, convince consumers to make security their priority (sarcasm here).

More seriously, We are enamored with all these devices and their connectivity. Interesting with people anywhere in the world is exhilarating, fascinated, more connected, yet more disconnected.
We need a greater awareness for the need for Internet security (security and need for some privacy in general)
It is like the Boiling frog analogy. "Bring the heat up slowly, and the frog stays in and boils" It is vague and existential to most Americans..that is, until they have been hacked and have their identities stolen. Then they take it very seriously. At a server and domain level, 90% of people only vaguely understand what those words mean.

We are still dependent on the programmers, hardware designers, Internet managers, and organizations dedicated only to  keeping us current of where security needs to improve and where we have failed.

I now have an app on my smart phone that aggregates articles and updates on Internet security. Glad I have it. It follows up on old stories, Our mainstream news doesn't do that. I am learning that hacks, DDOS, man-in-the-middle. New devices and that new hardware products are getting hacked, or exploits found, BEFORE they hit market.  This is both good and bad.

About Julian Assange being cut off. His Ambassadorial hosts are getting hard threats regarding major national economic De-stabilization for their country.

My view? WE just need to keep speaking up about these matters, those of us who know. And just keep naging those who don't to learn and understand the state of Internet security.
 

Offline David Hess

  • Super Contributor
  • ***
  • Posts: 16544
  • Country: us
  • DavidH
Re: Major DDOS attacks today
« Reply #16 on: October 24, 2016, 07:18:06 am »
It is too bad the NSA and other government agencies worked to sabotage various internet security protocols and especially IPSEC.  Ubiquitous encryption would have helped in a general way.
 

Offline Neilm

  • Super Contributor
  • ***
  • Posts: 1545
  • Country: gb
Re: Major DDOS attacks today
« Reply #17 on: October 24, 2016, 06:15:07 pm »
I notice that the webcams used have now been recalled in the US
Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe. - Albert Einstein
Tesla referral code https://ts.la/neil53539
 

Offline rx8pilot

  • Super Contributor
  • ***
  • Posts: 3634
  • Country: us
  • If you want more money, be more valuable.
Re: Major DDOS attacks today
« Reply #18 on: October 24, 2016, 06:26:40 pm »
I have isolated all my IOT stuff - DVR's, doorbell, etc on a separate network which helps protect my internal systems. That, however, does not help keep them out of a dDOS attack pool. In theory, I could setup static routes, port filtering, or whatever may help prevent that, but even if I was successful in keeping making my iot devices useless to hackers - I would be in a microscopic minority.

What the heck is the solution? If all the devices were heavily secured, they would cost more and the iot sector would cry foul when the sales dry up. We cannot expect the general public to understand or care. Every manufacturer that makes boring stuff is adding a stupid WiFi 'feature' to let you know the temperature of your toast and allow you to monitor the status of your toaster from anywhere in the world.

Like most things, it will take a major disaster before anyone cares.
Factory400 - the worlds smallest factory. https://www.youtube.com/c/Factory400
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 7693
  • Country: de
  • A qualified hobbyist ;)
Re: Major DDOS attacks today
« Reply #19 on: October 24, 2016, 06:40:28 pm »
Yep, all IoT devices should be placed into a separated network and controlled/protected via a firewall. Anything else would plain stupid.
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 7693
  • Country: de
  • A qualified hobbyist ;)
Re: Major DDOS attacks today
« Reply #20 on: October 24, 2016, 06:41:29 pm »
They'll become someone's bot farm.

They already are. :scared:
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 7693
  • Country: de
  • A qualified hobbyist ;)
Re: Major DDOS attacks today
« Reply #21 on: October 24, 2016, 06:45:15 pm »
It is too bad the NSA and other government agencies worked to sabotage various internet security protocols and especially IPSEC.  Ubiquitous encryption would have helped in a general way.

How would that protect us from insecure defaults settings, firmwares with tons of security issues, firmwares with outdated versions of network services with known security issues, lack of security fixes by vendors and users not updating firmwares?
 

Offline Cerebus

  • Super Contributor
  • ***
  • Posts: 10576
  • Country: gb
Re: Major DDOS attacks today
« Reply #22 on: October 24, 2016, 06:47:40 pm »
The number of bots out there trying to compromise your stuff is crazy,  a few weeks ago I had a look in my logs and was surprised just how constantly IP's are trying to log into my personal home workstation via SSH (and failing naturally).

Just today 21 newcomers gave it a shot, mostly from China, a couple Vietnam.

I'm currently seeing ~30000 telnet or ssh attempts a day, mostly unique IPs. A few weeks back 2000-3000 a day was typical.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 7693
  • Country: de
  • A qualified hobbyist ;)
Re: Major DDOS attacks today
« Reply #23 on: October 24, 2016, 06:55:39 pm »
[ssh] Ban 119.249.54.66
 [ssh] Ban 119.249.54.68
 [ssh] Ban 119.249.54.75
 [ssh] Ban 119.249.54.88
 [ssh] Ban 121.18.238.104
 [ssh] Ban 121.18.238.109
 [ssh] Ban 121.18.238.114
 [ssh] Ban 121.18.238.98
 [ssh] Ban 123.31.34.217
 [ssh] Ban 123.31.41.212

You can simplify things by taking the allocations:
119.248.0.0/14
121.16.0.0/13
123.30.0.0/15
...

BTW, I haven't seen any attempt via IPv6 yet.
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 7693
  • Country: de
  • A qualified hobbyist ;)
Re: Major DDOS attacks today
« Reply #24 on: October 24, 2016, 06:58:30 pm »
The number of bots out there trying to compromise your stuff is crazy,  a few weeks ago I had a look in my logs and was surprised just how constantly IP's are trying to log into my personal home workstation via SSH (and failing naturally).

Just today 21 newcomers gave it a shot, mostly from China, a couple Vietnam.

I'm currently seeing ~30000 telnet or ssh attempts a day, mostly unique IPs. A few weeks back 2000-3000 a day was typical.

Another approach is to rate-limit the connection attempts. Could be done per IP or network.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf