When we all head back into the office on Monday we’ll update this post with a more accurate and complete explanation of the recent DDoS against EveryDNS, another DNS service, which I started over five years ago. For the moment, I’m working to get everything back in order and spend a few hours of the weekend relaxing. 🙂
There are a couple of facts which I’d like to clarify:
- OpenDNS’ recursive DNS service was never affected during this attack against EveryDNS. The two companies run on completely different servers in different datacenters.
- The OpenDNS website was affected for a short period of time, approximately 30 minutes, because OpenDNS used EveryDNS for authoritative DNS services. We had a separate DNS architecture in place which we had not yet transitioned the opendns.com domain over to. We immediately did that and service to the website was restored quickly.
- The attack against EveryDNS was not related to our efforts in running PhishTank, our community anti-phishing effort. PhishTank was not affected at all during the attack.
- The combined DDoS against all of the EveryDNS infrastructure was in excess of 1.2gbps. While attacks of that size are not impossible to defeat, EveryDNS was unprepared for such an attack. Steps were quickly taken to restore access throughout the attack. Going forward, EveryDNS will likely deploy a network that more closely resembles the architecture behind OpenDNS.
Hopefully this helps answer some of the common questions and misconceptions we’ve been seeing asked to us. We’ll provide more details when they are released over at EveryDNS.