剑客
关注科技互联网

Dyn 声明在 2016/10/21 DDoS 攻击

很可能,在这一点上你见过的很多新闻帐户的分布式拒绝服务 (DDoS) 攻击 Dyn 一些持续反对我们管理的 DNS 基础结构这过去的星期五,10 月 21 日。我们想借此机会分享的其他详细信息和上下文有关的攻击。在写这篇文章的时候,我们正审慎监察任何额外的攻击。请注意我们关于根本原因的调查仍将是未来更新的主题。值得注意的,我们不可能分享所有细节的攻击和我们的减排努力保持未来的防御。

此外不想考虑得太远没有这篇文章︰

  1. 承认 Dyn 的操作和支持团队在做战斗与什么是可能被看作是具有历史意义的攻击做出了巨大努力。
  2. 确认 Dyn 的客户的极大支持,很多人达到支持我们缓解努力即使他们受到影响。为广大客户服务始终是我们的第一要务,和我们感谢他们的理解,作为这一承诺意味着 Dyn 往往是互联网的第一响应者。
  3. 感谢我们的合作伙伴在技术社区中,从世界上顶级的互联网公司,运营团队向执法和标准社区,到对竞争对手和供应商,我们谦卑和源源不断的支持表示感谢。

攻击时间线

Starting at approximately 7:00 am ET, Dyn began experiencing a DDoS attack. While it’s not uncommon for Dyn’s Network Operations Center (NOC) team to mitigate DDoS attacks, it quickly became clear that this attack was different (more on that later). Approximately two hours later, the NOC team was able to mitigate the attack and restore service to customers. Unfortunately, during that time, internet users directed to Dyn servers on the East Coast of the US were unable to reach some of our customers’ sites, including some of the marquee brands of the internet. We should note that Dyn did not experience a system-wide outage at any time – for example, users accessing these sites on the West Coast would have been successful.

还原后服务,Dyn 只是在东部时间中午之前经历了第二波攻击。这第二波是具有全球的性质 (即不限于我们东海岸持久性有机污染物),但在缓解了短短的一个小时;在大约 1:00 pm 东部时间恢复了服务。再次,没有当时有整个网络中断,虽然在那段时间,一些客户就会看到扩展的延迟延迟。

新闻报道的第三攻击波验证了 Dyn 基于我们的信息。虽然尝试第三次攻击,我们得以成功地减轻它没有对客户的影响。

Dyn 的操作和安全小组发起我们缓解和客户通过我们的事件管理系统的通信过程。我们练习和准备定期的进行,这种情况,我们运行不断发展行动手册、 工作与减灾伙伴到像这些地址方案。

我们所知道东西

At this point we know this was a sophisticated, highly distributed attack involving 10s of millions of IP addresses. We are conducting a thorough root cause and forensic analysis, and will report what we know in a responsible fashion. The nature and source of the attack is under investigation, but it was a sophisticated attack across multiple attack vectors and internet locations. We can confirm, with the help of analysis from Flashpoint and Akamai, that one source of the traffic for the attacks were devices infected by the Mirai botnet. We observed 10s of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack.

谢谢你的互联网社区

On behalf of Dyn, I’d like to extend our sincere thanks and appreciation to the entire internet infrastructure community for their ongoing show of support. We’re proud of the way the Dyn team and the internet community of which we’re a part came together to meet yesterday’s challenge. Dyn is collaborating with the law enforcement community, other service providers, and members of the internet community who have helped and offered to help. The number and type of attacks, the duration, the scale, and the complexity of these attacks are all on the rise. As a company, we have for years worked closely with the internet community to assist when others encountered attacks like these and will continue to do so.

据说是永恒的警惕是自由的代价。作为一家公司和个人,我们致力于一个自由和开放的互联网,已经这么多创新的源泉。我们必须继续共同努力,使互联网更有弹性的地方工作、 娱乐和沟通。这是我们作为一个公司的商业理念与我们作为互联网基础设施社会的共同使命。谢谢。

凯尔纽约

首席战略官

关于作者

Dyn 声明在 2016/10/21 DDoS 攻击

凯尔约克是 Dyn 的首席战略官,一直长期执行,2008 年加入。多年来,他曾去市场领导角色在全球范围内的销售、 营销和服务。在他作为民间社会组织的作用,凯尔侧重于企业的总体战略,包括︰ 定位和传福音、 进入新市场、 战略联盟和伙伴关系,企业并购,和业务发展。除了 Dyn,凯尔是一个天使投资人、 企业家和几个创业公司的顾问。在 twitter 上关注凯尔︰ @kyork20 和 @Dyn。

Follow on Twitter
More Content by Kyle York

[剑客-翻译]

分享到:更多 ()

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址