Re: What is going on in the PAC NW (Microsoft Outage)
In message <OFF5C3FF78.0778E224-ON882569DE.006B3A50@LocalDomain>, "Tony Rall" w rites:
Is there any information available about Microsoft and MS related companies being unavailable
I'm seeing about 50% packet loss to all 4 microsoft.com nameservers. I can't get any dns responses from them.
As, I think, Greg Woods mentioned, it's a pretting weak setup putting all of your nameservers on what appears to be the same network.
I am amazed that this has taken so long to fix.
Any chance their nameservers are being DDoSed? --Steve Bellovin, http://www.research.att.com/~smb
On Wed, Jan 24, 2001 at 03:07:22PM -0500, Steven M. Bellovin wrote:
I am amazed that this has taken so long to fix.
Any chance their nameservers are being DDoSed?
allow me to channel a few unnamed large national backbones: "Well if thats the case, then they should just turn off their DNS server, because that's obviously the cause of the attack." -- Bill Fumerola / billf@FreeBSD.org
On Wed, 24 Jan 2001, Bill Fumerola wrote:
allow me to channel a few unnamed large national backbones:
"Well if thats the case, then they should just turn off their DNS server, because that's obviously the cause of the attack."
Bill, don't make me smack you. The DDoS problem is endemic to the current state of hardware and software that comrpises the internet. There are _no_ good answers to DDoS, especially if the coders get smarter and start doing things like: introduce jitter into their DDoS source machines. Send out 20k bytes and then go quiescent for 1000*random() Putting rate limiting and reactive flow control from the boxes attacking so they wouldnt be noticed or easily traced. Random time intervals on which to start and stop attacks would make them almost impossible to traceback Launch a DDoS against the peers of a major backbone, targetting their border routers .... Weak implementations and non-rate limited route processors on internet routers leads to flapping... flapping leads to dampening... dampening leads to suffering Etc. etc. /vijay
On Wed, Jan 24, 2001 at 11:46:26PM -0500, Vijay Gill wrote:
On Wed, 24 Jan 2001, Bill Fumerola wrote:
allow me to channel a few unnamed large national backbones:
"Well if thats the case, then they should just turn off their DNS server, because that's obviously the cause of the attack."
Bill, don't make me smack you.
The DDoS problem is endemic to the current state of hardware and software that comrpises the internet. There are _no_ good answers to DDoS, especially if the coders get smarter and start doing things like:
I think this was his point, in reference to several fairly recent threads about DDoS on IRC networks. The "get rid of IRC and you get rid of the attacks" opinion has surfaced a number of times here. -c
On Thu, Jan 25, 2001, Clayton Fiske wrote:
On Wed, Jan 24, 2001 at 11:46:26PM -0500, Vijay Gill wrote:
On Wed, 24 Jan 2001, Bill Fumerola wrote:
allow me to channel a few unnamed large national backbones:
"Well if thats the case, then they should just turn off their DNS server, because that's obviously the cause of the attack."
Bill, don't make me smack you.
The DDoS problem is endemic to the current state of hardware and software that comrpises the internet. There are _no_ good answers to DDoS, especially if the coders get smarter and start doing things like:
I think this was his point, in reference to several fairly recent threads about DDoS on IRC networks. The "get rid of IRC and you get rid of the attacks" opinion has surfaced a number of times here.
<TONGUE LOCATION="CHEEK"> .. you know guys, this might be a reason to run IRC servers. Give the script kiddies new things to attack, and they won't get bored and start DDoSing more e-commerce sites, "core" routers, etc. </TONGUE> There are good answers to DDoS even in todays internet; there is just too much inertia to actually get people to implement it. Adrian -- Adrian Chadd "Sex Change: a simple job of outside <adrian@creative.net.au> to inside plumbing." - Some random movie
participants (5)
-
Adrian Chadd -
Bill Fumerola -
Clayton Fiske -
Steven M. Bellovin -
Vijay Gill