Jan 9, 2012

EasyDNS Got Hit By a DDoS Attack Saturday

Greetings everyone, I hope you had a better weekend than me. You see, since I am the Systems Engineer for my company, I am pretty much on-call 24 hours a day, 365 days a year. Maybe in the future we will be able to do some sort of rotation, but since we are a small company that is just not going to happen any time soon.

Anyway, on Saturday, January 7th I started getting some strange email alerts. I would get a message saying one of my company websites was down from our external monitoring company, but when I went to browse to the site, it was up. I would get an email from one of our customers saying they couldn't pull data from our API, but our services were up. It was on and off for a few hours, and there was nothing in the web server logs suggesting issues. Then it hit me, "I wonder if there is a problem with DNS."

My company uses EasyDNS for our public DNS services. We chose them for their custom TTL, and the ability to do instant DNS failover. Also, they had some really affordable prices. Up until Saturday, their service has been great also. Well, when I logged into their site I found out they were under a Distributed Denial of Service attack which was affecting their customers, and that meant us. The target of the attack was a porn website which has prompted EasyDNS to enact a no porn DNS hosting policy.

From their blog:

easydnsEvery single DDoS attack in this company's history has involved one of the following: ponzi/HYIP sites, porn sites or gambling/casino/betting. (Yesterday's attack was porn.)

HYIP/ponzi websites are already specifically excluded from service here in our AUP. We will now be adding exclusions and associated prescreening for porn/casino/betting websites.

We pass no moral judgement on these types of endeavors. But it makes no sense to ruin a business we spent over 15 years building to repeatedly get our brains bashed in for these types of websites. They'll have to make other arrangements.

We will be reaching out to existing members in these categories to either allow specific cases of grandfathering-in, additional precautions (segmentation) or assistance relocating.

In an attempt to mitigate problems like this in the future, I found myself two FREE providers of secondary DNS. These are great in this type of instance when your main DNS provider fails, or gets his with a DDoS attack. If your DNS provider provides a way of zone transfers to a secondary carrier, check them out! Here they are:

  • Twisted 4 Life - Allows a maximum of 10 free domains for secondary DNS
  • Puck - Allows an unlimited amount of domains for secondary DNS

Since they are both free, I decided to use them both. I figure the chances of all three going down at once is very slim. I also feel that the free service as a backup is fine. I wouldn't recommend using a free service for a primary DNS if this is for company web servers. For production websites for a company, you really need to have something that is reliable with service level agreements.

Do you know of any other free secondary DNS providers? Do you use them? Let us know of other ones in the comments.

del.icio.us tags:           



Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam