Category Archives: DNS

When a DDoS is not a DDoS…

The interim CEO of GoDaddy, Scott Wagner, issued a press release stating that the outage was not a result of a DDoS attack, but rather an internal networking issue that corrupted the routing database. It would appear that GoDaddy is trying to play politically correct in its wording. Whether self-imposed or from an external attacker(s), DDoS is DDoS.

In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the efforts of one or more people to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. – Wikipedia

The fact that they are choosing to down play the event, makes it seem that GoDaddy is trying to recover from the PR created from the outage that affected their customer base.

On the other side of the issue, the purported hacker of the outage, Anonymous Own3r, tweeted his disdain over the press release when he tweeted the following:

whooa @godaddy is denying that it was hacked by me! they don’t wanna show their cybersecurity is bad this way they would lose customers !

Either way this issue lands, the question will become whether or not GoDaddy Customers view this outage as a result of one of the following:

  • Hacker DDoS Attack
  • Random technical issue
  • Internal incompetence

Only time will tell…

Tagged , , , , ,

GoDaddy DNS was a No Go…

– – START UPDATE – –

HackerNews has posted an interview with the purported Anonymous Hacker that attacked GoDaddy. According to the article the hacker known as Anonymous Own3r used an IRC botnet using a script from Pastebin to take the GoDaddy DNS service down. Read the article for more information…

– – STOP UPDATE – –

Yesterday GoDaddy and their customers felt the Internet shut down for them. At around 1725 UTC September 10, GoDaddy experienced what appears to be a DDoS attack that lasted over 4 hours and which GoDaddy states affected all of their 10 million customers. This outage forced GoDaddy to transition their DNS services to their competition – Verisign. In an official statement from GoDaddy below, they do not address the cause of the outage:

At 10:25 am PT, GoDaddy.com and associated customer services experienced intermittent outages. Services began to be restored for the bulk of affected customers at 2:43 pm PT. At no time was any sensitive customer information, such as credit card data, passwords or names and addresses, compromised. We will provide an additional update within the next 24 hours. We want to thank our customers for their patience and support.

Some GoDaddy customers reported that email as well as the web services were unavailable, but some were able to get email web interfaces but unable to send messages. According to domainincite.com, they this level of access during the outage is probably a result of cached DNS entries for those users and that the fact that GoDaddy transferred DNS services to Verisign all points to a DNS compromise or issue.

Even though no root cause was officially addressed, the hacktivist group Anonymous via Twitter claimed responsibility. It is not completely evident thus far if this is fact or if this is another claim that has no merit.

It will be interesting to get the complete story if  GoDaddy is willing to share more about this embarrassing incident.

References:

http://www.godaddy.com/

http://support.godaddy.com/groups/domains-management-and-services/forum/topic/dns-problems-4/

http://www.wired.com/wiredenterprise/2012/09/godaddy-moves-to-verisign/?utm_source=twitter&utm_medium=socialmedia&utm_campaign=twitterclickthru

http://domainincite.com/10403-what-the-hell-happened-to-go-daddy-last-night

Tagged , , , , ,
%d bloggers like this: