Return to the VPC Lobby
FlightAdventures Virtual Pilot Center™

Need an account? Register here.

Return to AerobaticSource Lobby
Get the VPC OffLine Reader here!

"VPC unreachable 12-09-02"

Printer-friendly version of this topic
Bookmark this topic (Registered users only)
 
Previous Topic | Next Topic  
VPC Forums VPC Tech
Original message

Ben_Chiu[Admin]

Click to EMail Ben_Chiu Click to send private message to Ben_Chiu Click to view user profile


Certificates/Ratings/Crew Stations:

VPC certificates and ratings

"VPC unreachable 12-09-02"
12-10-02, 06:57z 

Due to problems at the company that controls our Name Server, we were down for most of today. The short synopsis is about 3am Pacific, a Denial Of Service attack/ HUGE influx if DNS queries bombarded their main facility in Seattle. In the following hours everything on that network became extremely slow making most of the services provided on that network (DNS,URL forwarding, Email Forwarding, websites, DB) appear unavailable or really slow to anyone outside the network. This kind of activity has happened before but never of this magnitude.

The unfortunate side effect of this activity is that it overloaded both the primary and secondary firewalls causing them to reset connections about every 2 minutes. Their senior network engineer was woken up and after having no luck with a remote fix headed to our co-lo facility. He arrived to find the firewalls rebooting under a large deluge of traffic. He couldn't even get information off of the firewalls about what was actually happening.

In the meantime, the downtime at our co-lo in Seattle caused all DNS to be directed to our east coast facility. The facility also was brought down by the volume in traffic. As they tried to diagnose what the problem was so that they could know what to cut off, the traffic just kept coming. After some conflict with the co-lo provider, finally at 5pm PST, they filtered out all traffic destined for the nameserver in the Seattle co-lo. This immediately enabled all services on that network to the outside world.

Isn't this stuff fun?

Ben


-= VPC OffLine Reader 2.1 =-
Registered to: Ben Chiu
-OLR.PL v1.80-

Alert Edit | Reply | Reply With Quote | Top


  Table of Contents

  Subject      Author      Message Date     ID   
  RE: VPC unreachable 12-09-02 James[Sysop] 12-10-02 1
  RE: VPC unreachable 12-09-02 vgbaron[Sysop] 12-10-02 2
   RE: VPC unreachable 12-09-02 Ben_Chiu[Admin] 12-10-02 3

Forums | Topics | Previous Topic | Next Topic

Messages in this topic

James[Sysop]

Click to EMail James Click to send private message to James Click to view user profile


Certificates/Ratings/Crew Stations:

VPC certificates and ratings

1. "RE: VPC unreachable 12-09-02"
12-10-02, 16:35z 

Hi Ben et al,

>> Isn't this stuff fun? >>

Isn't it just <LOL>

Regards,

James (CONman) Anderson
*** The plane in front is a Boeing ***

-= VPC OffLine Reader 2.1 =-
Registered to: James Anderson
-OLR.PL v1.80-

Remove | Alert Edit | Reply | Reply With Quote | Top


vgbaron[Sysop]

Click to EMail vgbaron Click to send private message to vgbaron Click to view user profile


Certificates/Ratings/Crew Stations:

VPC certificates and ratings

2. "RE: VPC unreachable 12-09-02"
12-10-02, 16:54z 

Ben -

Were they able to trace back the DOS attack? Altho any really good hacker capable of a DOS attack has probably taken over other peoples systems and using them to carry it out. Any reason why *they* were targeted?

Fun stuff.

Vic

Of course, I could be wrong. I thought I was wrong once before, but I was mistaken.


-= VPC OffLine Reader 2.1 =-
Registered to: Vic Baron
-OLR.PL v1.80-

Remove | Alert Edit | Reply | Reply With Quote | Top


Ben_Chiu[Admin]

Click to EMail Ben_Chiu Click to send private message to Ben_Chiu Click to view user profile


Certificates/Ratings/Crew Stations:

VPC certificates and ratings

3. "RE: VPC unreachable 12-09-02"
12-10-02, 23:22z 

Greeting Vic:

> Were they able to trace back the DOS attack?

It seems to have originated from an attack to one of the 600,000+ sites on the name server. This caused the chain reaction and shut everyone down. However, they're still looking into it and no names have been named yet.


> Altho any really good
> hacker capable of a DOS attack has probably taken over other peoples
> systems and using them to carry it out. Any reason why *they* were
> targeted?

Don't know, but as I explained above, our provider was just a casualty of the main/originating assault. Regardless, measures are in place so it won't happen again. <fingers crossed>

We're also discussing internally fall back methods to keep us up if the NS shuts down again.

Ben


-= VPC OffLine Reader 2.1 =-
Registered to: Ben Chiu
-OLR.PL v1.80-

Remove | Alert Edit | Reply | Reply With Quote | Top



Lock | Archive | Remove

Forums | Topics | Previous Topic | Next Topic

 


Terms of Use

There are currently
Copyright © 2000- FlightAdventures. All rights reserved.

Powered by DCForum