Mistake #1 - using BIND
With more time to analyse its logs, DNS provider Dyn reckons about 100,000 Mirai-infected home web-connected gadgets knocked it out last Friday. In its latest analysis, product executive veep Scott Hilton writes: “We are still working on analyzing the data but the estimate at the time of this report is up to 100,000 malicious …
@Charles 9: that's exactly what I'm talking about. The queries return different IPs with every query, and they have times to live measured in minutes because they use DNS for load balancing, whereas in ye olde times results would have times to live measured in hours or days.
They've abused the DNS system and now they've suffered the consequences.
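The load-balancing point in that comment is really an availability trade-off: the shorter a record's TTL, the sooner every caching resolver has to go back to the authoritative servers, so an outage of those servers is felt within minutes instead of hours. The following is an added example (not code from this thread, from Dyn, or from any DNS software) that models a caching stub resolver to show how the TTL bounds the time clients keep resolving after the authoritative side goes dark. The name, the 192.0.2.10 answer, the outage time and the query cadence are all constructed values.

```python
"""Model of a caching resolver facing an authoritative-server outage.

Constructed example for this comment thread; not code from any project.
All times are in seconds. Shows that after the authoritative servers stop
answering, a client keeps getting answers only until its cached record
expires, i.e. for at most one TTL.
"""

from dataclasses import dataclass

NAME = "example.com"  # constructed name


@dataclass
class CachedRecord:
    addresses: tuple
    expires_at: int  # absolute time at which the cached answer goes stale


class Resolver:
    """Minimal caching resolver.

    `authoritative_up(now)` is a predicate saying whether the authoritative
    servers answer at time `now`; the outage is modelled by that predicate.
    """

    def __init__(self, ttl, authoritative_up):
        self.ttl = ttl
        self.authoritative_up = authoritative_up
        self.cache = {}

    def resolve(self, name, now):
        rec = self.cache.get(name)
        if rec is not None and now < rec.expires_at:
            return rec.addresses  # served from cache, no upstream query needed
        if not self.authoritative_up(now):
            return None  # cache expired and upstream unreachable: SERVFAIL
        addresses = ("192.0.2.10",)  # constructed answer (TEST-NET-1 range)
        self.cache[name] = CachedRecord(addresses, now + self.ttl)
        return addresses


def seconds_until_failure(ttl, outage_start, horizon=90_000, step=10):
    """Simulate a client querying every `step` seconds from t=0.

    The authoritative servers answer until `outage_start`, then stop.
    Returns how many seconds after the outage began the client first gets
    no answer, or None if it is still resolving at the end of the horizon.
    """
    resolver = Resolver(ttl, lambda t: t < outage_start)
    t = 0
    while t < outage_start + horizon:
        if resolver.resolve(NAME, t) is None:
            return t - outage_start
        t += step
    return None


if __name__ == "__main__":
    # Outage begins a little over an hour in; compare minutes-long TTLs
    # (DNS load balancing) with the hours- or day-long TTLs of old.
    for ttl in (60, 3600, 86400):
        print(f"TTL {ttl:>6}s: client fails {seconds_until_failure(ttl, 3605)}s after outage")
```

Whatever the query cadence, the time to first failure never exceeds the TTL, which is the whole point: DNS-based load balancing buys fast failover between backends at the cost of making every client only a few minutes away from an authoritative-server outage.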
Assume a 1 Tbit/s attack, assume 100000 devices, what's the average attack bit rate per device?
Well, that's just 10 Mbit/s.
Can an internet connected video camera do 10 Mbit/s or better? Very likely if it is HD or better. Even for tiny processors 10 Mbit/s is nothing these days.
Can an internet connection upload 10 Mbit/s or more? Yes, lots of people have that kind of bandwidth.
The more attack surface you have.
The internet in general needs to be fixed.
We need TCP/IP as a layer because the protocols underneath are not routable.
We need DNS because the average person struggles to remember IP addresses.
We need a technical cleansing I think.
Round everyone up and ask them simple questions, bullet to the head of those that can't answer them.
Officer: What version of Windows do you have?
Dimwit: Is that Office?
Officer: *puts bullet in dimwit's head*
Officer: Ok type www.youtube.com into the address bar in a browser to open up YouTube.
Dimwit2: Browser? Is that like google? *types www.youtube.com into google and clicks the first result*
Officer: *executes dimwit*
Officer: Plug in this USB drive and run the malware executable on it.
Dimwit3: *installs the malware without question*
Officer: *shoots dimwit between the eyes*
It's brutal and barbaric but it may soon be necessary.