Search TQA Weekly
Log into your TQA Weekly

DDOS & Another Typo Brings Down Web

Human Error and Tactics Taking Down Internet

Steve Smith talks about the Amazon S3 outage, and DDOS attack that took down part of Godaddy, and DYN.

Episode #7-27 released on March 4, 2017

This week is Godaddy's and Amazon's turn. In Amazon's case yet another typo takes down a huge portion of the Internet. I am referring the AWS service, which owns 40 percent of the cloud services market, which means many companies rely on them for their web-sites, online services, applications, and more. In the case of Godaddy, their East Coast outage was the result of another DDOS attack.

What cause the Amazon server outage on Tuesday in the first place?

Human error, an employee of the S3 team was attempting to create a small subset of offline servers to work on a bill system issue. This is a normal protocol, ask any web developer worth their weight in Gold. While, the process is standard, a simple type in a command resulted terminate with the removal of a larger subset of servers, resulting in the server outages we experienced on Tuesday. Now, despite a long track record of server reliability, Amazon further indicated that the tool responsible for the service black out will have its capacities scaled back to prevent this kind of event from occurring at this scale in the future. And future more, they'll be taking this event in consideration and bettering the rest of the infrastructure and improve its systems.

What happened to take down Godaddy on the East Coast?

A series of three DDOS attack resulting from millions of unique IP addresses resulting in a sophisticated and complex targeted attack on Dyn's Internet directory servers took out the East Coast of United States of DNS servers, also, leading the West Coast being offline as well. Yet, another Botnet attack brought about by Mirai and other Botnets using infected IoT devices in a much more challenging to mitigate attack against DYN than they are used to seeing. An attack so devastating that event Cloudflare experienced errors along its own network. To give you a good idea of what was happening, the servers that were being targeted were the address books of the Internet. If a domain name server you rely on to connect to web-sites is offline, even if the actual server you wish to access is online, you will be unable to connect to said server to begin with.

What can we take from these supposedly unrelated incidents?

Coding practice and planning are important. In the case of Amazon, a set of normal protocols lead to downtime. In the case of Godaddy, DYN, and many others bad software implementation lead the way to the creation of Mirai Botnet, and many others. Solve bugs before coding, think about implementation and device security. Good coding practices lead to a safer Internet.

Host : Steve Smith | Music : | Editor : Steve Smith | Producer : Zed Axis Dot Net

Sources & Resources

Post Your Comments

Feel free to ask more questions, comment on the content, share other possible solutions, and suggestions. An account is required, please register, or login to leave your comment. Thank you for your input.

Metal Gear Solid V: The Phantom Pain

This is my own personal introduction into the world of Metal Gear Solid, and this game is from the point of view of Venom Snake, aka Big Boss, in the era of 1984. Game starts nine years after everyone presumes Venom Snake dies, when he wakes up from a coma, and weeks later the entire world seems to want to kill him off. Watch, enjoy, and if you have never played these games, you are definitely in for a culture shock, the same as I had.

Published on October 29th, 2016