跳至主要内容

DNS-scale fault trace: triggered by the 24-year-old head of the butterfly effect

The early morning of May 22 news, 24-year-old free domain name service provider voice Wu DNSPod station in two days without sleep after 2 nights and decided to take the initiative to meet with the media, on the evening of May 19 more than the province of large-scale events indicate a network failure. WU Hong-sound in it, this was a malicious attack by DNSPod accident was caused by a butterfly effect: DNSPod he is a fan of the butterfly wings, the storm has become a visual Pacific storms.
 
 
 
 18 evening: butterfly wings
 
 
 
 WU Hong-sound on the 20th until the afternoon of realized that, on the 19th night of large-scale network fault with their relevant DNSPod. The previous day, he has been busy handling a network failure: on the 18th around 22:00 pm, DNSPod Changzhou in Jiangsu Province and a number of the master DNS server traffic suffered more than 10G of malicious attacks.
 
 
 
 Most do not know the sound of the beginning of Wu DNSPod blocked the main server IP is a friend to tell him do not have access to DNSPod. When he found a layer of a layer of inquiries Changzhou room before we know has been shut down telecommunications because the encounter malicious attacks. Wu is on sound, DNSPod attacked is not a big thing, after the most serious traffic 24G experienced DNSPod attacks, but this time, Changzhou, Jiangsu abnormal flow of the main points of concern arising from China Telecom, and mandatory fengdiao IP.
 
 
 
 This has led to runs on the server DNSPod free 100,000 are unable to resolve domain names. These domain names include the local portal, port, personal websites and small enterprises station site, there are 24 hours after the storm caused by paralysis of audio-visual network. Although there have not been any detailed information on the hackers, but history is available, DNSPod had pinch because sifu aircraft attack each other.
 
 
 
 In the ensuing years, WU Hong-sound busy DNSPod replacement of IP, the handling of the attack. Evening on the 19th, in Jiangsu, Anhui, Guangxi, Hainan, Gansu, Zhejiang Province, one after another six large-scale network failures, WU Hong-voice network is also a paralysis of the user experience, but he did not think, just furious that hackers have even all the local DNS the point of attack.
 
 
 
 19 evening: Pacific Storm
 
 
 
 DNSPod in March to do just before a sound WU Hong hobbies, when he was a staff MySpace. DNSPod his Web site with 16 servers, of which 4 free server, a number of personal use of a good Web site dedicated server 4. His services include Verycd, rain forest wind, 4399, small games, audio-visual and other storms. Attack on the official audio-visual services, including storm free server.
 
 
 
 It is worth noting that at the 18th storm did not too much a problem. WU Hong-sound interpretation of the agreement, there is a buffer DNSPod time to resolve a request, the day do not have another visit to DNSPod. It is also the existence of the cache has been the appearance of normal and did not let the sound Wu aware of the attack will lead to large-scale accident paralyzed.
 
 
 
 Attack after 24 hours at 21 o'clock on the 19th about the cache StormCodec in various parts of the domain name servers are DNSPod failure to visit the beginning of a large number of constant accumulation, telecommunications DNS servers sudden increase in traffic, the network processing performance, resulting in large-scale network fault. 0:00 ago in some areas the storm operators will be adding audio and video server IP or DNS cache DNS banned, the network is only gradually began to recover.
 
 
 
 WU Hong 18, the sound is still busy with the evening of the attack to solve the problem until 20 pm A friend of mine told him that the evening of 19 large area of the fault may be related to DNSPod, he suddenly realized what had happened. Letter at this time the Department of Public Works has held an emergency meeting is also linked to high-level storm Wu sound, to discuss the issue of follow-up to the backup domain name server. Followed by 21, the Ministry of Public Works letter DNSPod storm and prepare a report to the Public Security Bureau.
 
 
 
 Chance in the inevitable event
 
 
 
 WU Hong-sound that this failure was caused by chance coincidence, but is also bound to arise. "Because of a DNS as the most basic services, not the number of people who are not familiar with, we can say that its concern is not the basic." He pointed out that the current Web preventive measures have been more perfect, but precautions are still based on the DNS is very weak vulnerable to hackers use to attack.
 
 
 
 WU Hong-sound revealed that the domestic sifu spend 200-300 million every month to attack opponents. G made a general attack traffic takes 4-5 million. Flow through the "broiler" beating out, 24G traffic is likely to take several million to tens of millions of chickens and Taiwan. Of sifu example, to guard against weak attacks DNS is the most effective way.
 
 
 
 According to Wu sound, the current DNS to do about a dozen industry, basic is free. Because no money to buy professional equipment, the use of intelligent DNS analysis of more than a small site. At present, the individual is still DNSPod site, rather than a company, no income and capital to maintenance, every month there will be hundreds of Wu to voice a few thousand dollars of the "lose out." Currently registered domain names on its website has more than 30 million a day, more than 20 billion request, the actual use of the domain names of about 100,000.
 
 
 
 Although Wu did not sound the user claims to the needs of most users understand that and support him, but there are also a lot of the opinion that in order to prepare his charges to take the interests of zuopudian users. Wu has had some sound aggrieved, he believes he is the victim, but also worried about the future of domain name can not continue to do business, or experienced users claim. (Han-chi)

评论

此博客中的热门博文

6岁小朋友在PSP上看到不该看的东西

美国佛州的一位母亲Thamtha Tovar为自己六岁的儿子在Manatee的沃尔玛购买了一个礼物,一台全新的PSP, 然而当这位六岁的小朋友打开此PSP的时候,映入眼帘的却是一位"一丝不挂"的美女,惊恐之下,小朋友向自己的母亲哭诉了自己的遭遇。 伟 大的母亲听说此事勃然大怒,愤然找到沃尔玛的负责人要求对此事件作出合理解释,为何刚购买的PSP里的记忆卡会有"美女"在里面。沃尔玛的工作人员如此说 道:"呃,你把机器带来过,我们把卡帮你取出来,然后我们会给您儿子免费提供一个新的游戏。"这位母亲说:"我很乐意,但是恐怕你们没有明白我说的话。" 沃尔玛的一位发言人称他们正在调查为何发生此事,寻求解决此问题,而Tovar女士则要求更换一台全新的PSP并要求沃尔玛为此事道歉。 ------------------ 洛阳生活信息点评网:http://luoyanglife.com/ 洛阳生活信息,我爱打折论坛:http://bbs.luoyanglife.com/ 河南招生考试网:http://www.edu-ha.com/  

照着做,你的人生一定很顺利!

  01.犯了错误就该诚实地认错——狡辩、诿过只会害了自己。   02. 朋友 之间要保持距离——这样的 友谊 才能长久。     03.钱追人,人追健康——有了健康,还怕挣不到钱么?     04.别轻易转行——转行的风险很高,最好不要轻率为之。     05.适度地抬高身价——在就业市场中,人也是一种商品。     06.把敬业变成 习惯 ——从长期看是为了自己。     07.运用累积法壮大资产——不求快,不求多,不中断。     08.忍一时,争千秋形势比人强时,必须忍。     09.与其你死我活,不如你活我也活——这就是双赢,是良性竞争。     10.以"播种"的 心态 经营人际关系——种子播得越早越坚韧。     11.做事切勿率性而为——率性而为只会害了自己。     12.遇到魔鬼型的主管时——接受他的磨练可让你的 性格 越来越坚韧。     13.不要当众和主管吵架——那会让你无路可走,只有走人。     14.向不同行业的人学习新知识——记住,要用请教的 态度 。     15.所有的困难都是好事——这是老天爷在磨练你,目的是把重任交给你。     16.用吃亏就是占便宜的心态 做人 做事——那样你就可以迅速长大。     17.不要在失意者面前谈论你的得意——那样 伤害 你的人际关系。     18.不要小看守时这件事——守时是对别人的尊重。     19.用 时间 来看人——时间是检验大师。     20.用打听来看人——把获得的信息汇总,就可以了解那个人。     21.建立一个朋友档案——以免人到用时方恨少。     22.扩大交友圈——主动出击,不要等别人上门找你。     23.保持交友的弹性——敌人也可以变成朋友。     24.要交 喜欢 "修理"你的朋友——这种朋友是你的 人生 导师。   25.毛遂自荐,好处多多——让别人看到你,知道你的存在,知道你的能力。     26.小心突然升温的 友情 ——对待这种友情的正确态度是:不推不迎,礼尚往来。     27.做老二,不做老大——老大没当好,容易变成老三老四。     28.做人要中规中矩——目的是赢得他人的尊重和信赖。   ...

FTP服务器关于断点续传权限的防范问题

FTP服务器关于断点续传权限的防范问题    假设ftp服务器中存在一个文件Readme.txt,文件大小为1000 bytes,连接上这个ftp服务器(假设我有写权限,ftp服务器是支持断点再传的),我本地中也有一个叫Readme.txt的文件,文件大小为 500 bytes。好了,我开始做坏事。    1、连接上这个ftp服务器(用系统自带的 ftp://ftp.exe/,在内网的可能无法使用,因为 ftp://ftp.exe/用的是port模式)    2、dir(查看Readme.txt大小,确定了是1000 bytes)    3、quote rest 1000(告诉ftp服务器我将要传送的文件是从文件位置1000开始)    4、send Readme.txt    5、dir(再次查看Readme.txt大小,现在Readme。txt变成1500 bytes了)    为什么Readme.txt会变大了?很简单,因为我本地的那个Readme.txt的500字节上传成功,并写入到ftp服务器中存在的那个 1000 bytes的Readme.txt文件中了。问题是出在第二条命令,如果没有第二条命令,我的第4个命令(Send Readme.txt),就会得到一个Permission Deny的错误,第二条命令是让ftp服务器信任我们将要进行一个断点再传的操作,如果没有第二条命令,ftp服务器将以为我们进行的是一个复盖原文件的操作(复盖原文件操作需要另外的权限才可以进行)。    这个问题只是在允许断点再传的FTP服务中存在,但现在90%的FTP服务程序都是允许断点再传的,所以这问题在普遍的FTP服务器都会存在。    防范方法:    如果一定需要给用户上传权限的话,最好的防范方法是每个用户都给他建立一个目录,将那个用户的权限完全锁在这个目录内,那么用户就没有权限可以查看其它用户的目录,也就是说无法造成以上所说的破坏。