Talk:DDoS attacks on Dyn
This is the talk page for discussing improvements to the DDoS attacks on Dyn article. This is not a forum for general discussion of the article's subject. |
Article policies
|
Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL |
A news item involving DDoS attacks on Dyn was featured on Wikipedia's Main Page in the In the news section on 23 October 2016. |
This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
The following references may be useful when improving this article in the future:
|
In the news nomination
editWikipedia:In_the_news/Candidates#Cyberattacks -- Zanimum (talk) 21:58, 21 October 2016 (UTC)
Structure
editAnyone interested in a big overhaul of the structure of the article? Right now the Investigation section is a bit of a mess, I suggest we create three distinct sections: one providing some background on IoT-based attacks and Mirai; one with an analysis of the actual Dyn attack, its impact and size; one on further investigations on the perpetrators.--DarTar (talk) 02:41, 22 October 2016 (UTC)
Related? DNS problems in Singapore, a few hours later
edithttp://www.channelnewsasia.com/news/singapore/starhub-fibre-broadband-service-outage-sparks-customers-ire/3227690.html A ISP in Singapore (Starhub) is also suffering similar DNS issues to the ones that had issues in DynDNS. There is no source for the DNS problems currently, but as I'm currently being affected by this issue, I am sure it is a DNS issue and sources will likely be published when the news hits the press in a few hours. Thus, I'd like to ask for this issue to be watched.
Edit: another source: https://www.facebook.com/StarHub/posts/10154723132242472 — Preceding unsigned comment added by Mount2010 (talk • contribs) 16:29, 22 October 2016 (UTC) -- Confirmed DDOS on DNS servers that may be related to the DynDNS DDOS, anyone knows if this is related? http://www.straitstimes.com/tech/starhub-broadband-disruption-due-to-spike-in-traffic-that-jammed-its-domain-name-servers Mount2010 (talk) 15:14, 25 October 2016 (UTC)
New World Hackers
editUser:Doc Strange - there's a redirect (two in fact) for the group which targets this article. It was formerly to the section "Perpetrators" but now to the top of the article. MOS says to either bold or italicise per least astonishment. In the lead always seems a better location for bold, but I've left as italics for now. It's a R with possibilities. Widefox; talk 21:02, 22 October 2016 (UTC)
- Okay. Didn't know that. Doc StrangeMailboxLogbook 21:12, 22 October 2016 (UTC)
- User:Brandmeister per MOS:BOLD "To follow the "principle of least astonishment" after following a redirect...", WP:R#PLA "article or section to which the redirect goes. It will often be appropriate to bold" Widefox; talk 12:14, 30 October 2016 (UTC)
- I've removed the boldface and the invisible comment. Using boldface where a section is dedicated to a subtopic is fine with me, but having the redirect be bolded in the target in this situation is unhelpful. The group is only mentioned once, not the topic of the section, and halfway through the sentence alongside names of other orgs. I don't think it was an aid to readers. MOS:BOLDREDIRECT doesn't explicitly say that what was done here is discouraged, buuut it seems like it would be. SWinxy (talk) 06:24, 14 April 2023 (UTC)
- User:Brandmeister per MOS:BOLD "To follow the "principle of least astonishment" after following a redirect...", WP:R#PLA "article or section to which the redirect goes. It will often be appropriate to bold" Widefox; talk 12:14, 30 October 2016 (UTC)
Level 3 map and impacts
editThe three-part structure suggested above makes sense: botnet and techniques used - impacts - follow-up. The section on impacts is not currently well described, and in particular I'd question the use of a map relating to Level 3 (following its use on a couple of websites). Level 3 is just one Tier 1 network, so I'm not sure of its actual relevance - is it integral to Dyn's multicast network in some way? I noticed 99.7% packet loss to Dyn's servers from Europe and at one point the vast majority of ISPs servers all over the world had no cached records for twitter.com. So although it was stated in some news reports as mostly affecting eastern USA, this is doubtful. In other words, we need more expert reliable sources to explain if and why some regions were more affected. --Cedderstk 21:48, 24 October 2016 (UTC)
Containment
editDear all,
The article does not explain, how/why the attack ended. Did the attackers stop it? Why? Or was it eventually fended off? How?
Thank you in advance for adding this information.
Yours, Ciciban (talk) 12:57, 15 November 2016 (UTC)
Education Quality and Accountability Office
editA reader contact the Wikimedia ( ticket:2017042310000168 ) to note that the incident associated with Education Quality and Accountability Office occurred on 20 October not 21 October. Unfortunately, the reference discussing the incident is dated 24 October and does not definitively identify the date of the attack (unless I missed it). The article does not mention Dyn. Unless someone can add corroborating evidence that it was associated with the Dyn attack, this may be a mere coincidence (or perhaps a trial run?). I plan to remove this entry on the sourcing can be found which clearly identifies this as a Dyn attack.--S Philbrick(Talk) 13:52, 29 April 2017 (UTC)
- This site supports the claim that it occurred 20 October not 21 October, so I plan to remove it from the article.--S Philbrick(Talk) 16:47, 1 May 2017 (UTC)