Friday, February 27, 2009

Time Warner Internet been getting DDoS attacked for a week, finally releases a statement notifying customers

[caption id="attachment_1542" align="alignright" width="350" caption="Picture speaks for itself"]Picture speaks for itself[/caption]

I can't help but laugh at my all friends whom are Time Warner customers.  Every once in a while I witness my friends disconnect from our VOIP service Ventrilo, Steam, and WoW at the same time.  It's just not one friend whom it happens to, it's 4 of them that all use the same ISP, Time Warner Cable.  They all disconnect and reconnect at the same time.  My one friend in particular Kyle, commented saying that he never had any major issue with them before, and they've been reliable for the most part.  Except for like 3 weeks ago when he couldn't connect to WoW at all.  But my other friends, Pio, John, and Ralph all seem to have connectivity issues on a regular basis.

Hell even my boss has Time Warner.  She came into the office this morning saying that she was unable to load her website and called our hosting provider Rackspace asking if our site was down, where they told her the connectivity issue was on her end.

Time Warner for the past week has been getting bombarded with DDoS attacks.  ISPs deal with this sort of thing all the time.  However given the magnitude of this attack, Time Warner has been having a hard time blocking it.  Seeing as the attack is still happening as we speak, their network has been going at a snails pace.  Time Warner finally had came out and released a statement as to what's been going on:
Official Statement From Time Warner Cable re: Southern California DNS Outages

Over the past 7 days, hackers have launched a series of DOS attacks on Time Warner Cable's DNS servers, affecting customer experience in our Southern California and National regions. Subscribers in those areas would have seen intermittent "page cannot be displayed" errors as their DNS queries timed out. The outage did not result in DNS services being 100% unavailable; the outage was limited to sporadic timeouts which appeared to be random events.

These attacks are not uncommon, especially for a network as large as ours. However, this particular series of attacks has been larger and more difficult to contain than similar attacks in the past. We suspect that the attackers are using "zombie computers," or hijacking unsuspecting subscribers' machines to perpetuate the attack without its owner's knowledge.

As of 6PM EST on February 24th, we have amplified and expanded early detection and response to this sort of problem.

Customers who want to prevent their computers from being used in this sort of attack should make sure that their anti-virus and firewall software are up to date.

We apologize for any inconvenience this may have caused. Please know that we are currently working with the help of law enforcement to bring these attackers to justice.

It's my guess that somebody out there isn't happy with Time Warner, and this attack is probably his way of getting revenge.

If you are still affected from this attack then the only suggestion I can give is to change your DNS servers.

I use a free resource online called OpenDNS.  You can change your DNS settings by logging into your router, and inputting in the numbers they provide.  This should at least get you around the DNS issues Time Warner has with thier servers.  This should let you view websites much quicker.

P.S. I in no way, shape, or form take responsibility if you screw up any settings attempting to change your DNS.