On Fri, Dec 26, 2014 at 9:27 AM, Anthony Eden <[email protected]> wrote:
> We published an incident report after our outage: > > http://blog.dnsimple.com/2014/12/incident-report-ddos/ > > I have not yet seen an incident report from Rackspace. > Thank you for posting that (I'd forgotten I'd seen it). And thank you for the detailed report, not just describing the root cause (DDoS on DNS servers), but also revealing traffic type and volume (random subdomain attack at 50Mpps/25Gbps) and your internal procedure for responding to it (black-box monitoring to detect the outage, post status notice after 10 minutes, assemble team via a Hangout after 20 minutes, try various technical mitigations, etc). This level of detail is rare in a public report, but greatly appreciated. Hopefully others will learn from your example. Damian On Fri, Dec 26, 2014 at 2:02 AM, Damian Menscher <[email protected]> wrote: > >> Has anyone seen details of the attack styles or volumes? It would be >> helpful to share attack knowledge with the community so others know what to >> prepare for. >> >> Damian >> >> On Wed, Dec 24, 2014 at 1:56 AM, Stephane Bortzmeyer <[email protected]> >> wrote: >> >>> >>> https://news.ycombinator.com/item?id=8784210 >>> >>> After the successful attacks against Rackspace, Namecheap, DNSsimple >>> and 1&1, it is clear that dDoS attacks against DNS servers are very >>> common this winter, and they succeed :-( >>> >>
_______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
