Slashdot Mirror
14,000 Domains Dropped Dyn's DNS Service After Mirai Attack (securityledger.com)
chicksdaddy
New data suggests that some 14,500 web domains stopped using Dyn's Managed DNS service in the immediate aftermath of an October DDoS attack by the Mirai botnet. That's around 8% of the web domains using Dyn Managed DNS... "The data show that Dyn lost a pretty big chunk of their customer base because they were affected by (Mirai)," said Dan Dahlberg, a research scientist at BitSight Technologies in Cambridge, Massachusetts... BitSight, which provides security rating services for companies, analyzed a set of 178,000 domains that were hosted on Dyn's managed DNS infrastructure before and immediately after the October 21st attacks.
It's possible some of those domains later returned to Dyn -- and the number of actual customers may be smaller than the number of hosted domains. But in the end it may not have mattered much, since Dyn was acquired by Oracle the next month, and TechCrunch speculates that the deal had already been set in motion before the attack.
They also add that "Oracle, of course, is no stranger to breaches itself: in August it was found that hundreds of its own computer systems were breached."
It's possible some of those domains later returned to Dyn -- and the number of actual customers may be smaller than the number of hosted domains. But in the end it may not have mattered much, since Dyn was acquired by Oracle the next month, and TechCrunch speculates that the deal had already been set in motion before the attack.
They also add that "Oracle, of course, is no stranger to breaches itself: in August it was found that hundreds of its own computer systems were breached."
Eloquently stated, but for those that haven't been paying attention perhaps you could have elaborated on your feelings a bit more. My personal dislike for DynDNS is based on their buying up as many of the other free domain services that they could, shutting them down, and then starting to charge for their own previously free service. Fortunately, there are still great free alternatives, such as freedns.afraid.org (which I actually like much better than Dyndns even though my routers don't support it directly).
I'm an American. I love this country and the freedoms that we used to have.
I wonder how many of these domains moved from using Dyn as their sole DNS provider, to using some competing service as their sole DNS provider... And completely missed the lesson. Diversify your DNS, nigga. Run your own master, then have a couple of slaves on each of Dyn, Route53, etc.
Oracle hasn't destroyed Java yet. Still the most used language, by far.
.. after Oracle bought them?
You think Java is used more than C?
By students, yes. By enterprises, yes. By Linux kernel developers, no.
Eloquently stated, but for those that haven't been paying attention perhaps you could have elaborated on your feelings a bit more. My personal dislike for DynDNS is based on their buying up as many of the other free domain services that they could, shutting them down, and then starting to charge for their own previously free service. Fortunately, there are still great free alternatives, such as freedns.afraid.org (which I actually like much better than Dyndns even though my routers don't support it directly).
Don't forget everyone's favorite registrar, Namecheap. If you want to buy a domain rather than use a "loaner," Namecheap supports dynamic DNS for free. I paid for FreeDNS/afraid.org for a few years, but, now, I just use my own domain and namecheap's dyanmic DNS service to log into my machine at home.
ASUS routers come with a free asuscomm dynamic ip registration built in as an option from the dropdown dyn selection menu. It's nice to use a dyn service provided by the same company that made the router for obvious reasons. They know how to best support the router, dyn service, firmware updates, and convenience. I'm pretty sure it's not the same as dyndns and resides on their own servers since it is a unique menu choice along with no-ip and other choices. I used to have a dyndns but when I got my new router and saw they offered something in-house I went with that instead. Works flawlessly which is all I really care about.
"Dyn was acquired by Oracle the next month,"
Sounds like those who left before were just the early adopters, ahead of the curve.
"National Security is the chief cause of national insecurity." - Celine's First Law
One has to wonder whether these attacks have become a corporate tactic, not a new one mind you but one that is spreading. The have the ability, the have the hardware, they have the network access and the most certainly they have the greed and along with that are inherently totally amoral in nature, with attitude like fines nothing more than a cost of doing business, the investors pay the penalties not the corporate executives, more money now, more money now, more money now, fuck everyone else.
Chaos - everything, everywhere, everywhen
The problem that I have with Namecheap is that I tried to get a domain from them. Here's what happened:
I thought of a domain that I would really like to have. I first tried to go to it in my browser and got a 404 error.
I immediately went to Namecheap and tried to get it. They "checked" to see if it was available. There was a long delay, at least two to three minutes. Then they told me that the name was not available and offered me other names, names with garbage extra numbers in them and undesirable TDLs.
I immediately went back to another browser window and tried to get to the domain again. This time I got a parking page offering to sell me the domain that I wanted for thousands of dollars.
I don't know if other registrars have any more integrity or how to find registrars who will not steal your domain name from you when you try to register it, but I'm not going to try to register anything with Namecheaop again.If I just want a name that I can use to reach my local network, I'll use a service like freedns.afraid.org. If I want a name that I actually own and that I'll give out to others, I will not trust Namecheap with knowing in advance what name I want.
I'm an American. I love this country and the freedoms that we used to have.
You forgot the part where they sold out to Oracle then their customer service got useless beyond hope.
Glad this is being discussed here, because I am not renewing with them.
Emphasis on "yet". They are trying.
Go die in a fire. *Quietly.*
People aren't getting off of Dyn because of the last DDoS attack, it's because Dyn has gone to shit and subsequently been bought by Ellison. I'm betting Larry's hope is Dyn makes him enough money to pay off the next Hawaiian island purchase. Ain't looking too good.
Captcha: "diarreha" how fitting...
Who's the misbegotten flaming degenerate baby-raping COMPLETE AND TOTAL FUCKTARD who modded this up? I hope you realize that you're going straight to Hell for that. Do not pass Go, do not collect $200. Fucking low-life Zika-encrusted microcephalic shitstain...
See subject: Prevention = best medicine (& what u can't touch can't hurt u) via NEW APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/
Ads & malware rob speed/security/privacy
Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).
Less power/cpu/ram + IO use & faster vs. DNS/routers/addons/antivirus + less security bugs/complexity!
Avoid Router/OS IP stack settings DNSChangers & dns redirect poisons (99% of ISP DNS != patched vs. it) + lighten DNS load & resolve faster from local system RAM!
* Via what you NATIVELY have built into your TCP/IP stack running in FASTER kernelmode
APK
P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/
I had a domain registered to DynDNS for 10 years (5 at a time) because I was really happy with them, particularly back when they did free domains based off of subdomains on dyndns.org: that was a really helpful and useful feature so I supported them by actually paying for a domain long-term.
However the moment they were bought by Oracle I *IMMEDIATELY* put in a Transfer Request. The reason: Oracle I consider to be one of the world's most unethical companies, up there with Broadcom and Qualcom for various semi-illegal corporate practices and outright power-abuses. If you're not familiar with the stories behind OpenOffice, MySQL, VirtualBox (which forces people to sign over total rights and ownership of code contributions), and BerkeleyDB (change of license to an unacceptable one that's incompatible with Software Libre, forcing Debian to pull latest versions: many projects have converted to LMDB as a result) - the list goes on and on. If you're not familiar with these stories I recommend you *get* familiar, fast, and drop all dependency on Oracle as fast as you practically can. They poison every company they buy, including, sadly, Sun Microsystems.