[dayglored]

This is a big deal, because even though (as intended by design) the internet's root servers as a group weathered this attack, two things are very troubling:

1. It could happen again and bigger,
2. They shouldn't have been that easy to knock offline.

So something needs attention, and soon.

[dayglored]

Internet's root servers vulnerable to DDoS? Uh-oh ... PING!

You can find all the Windows Ping list threads with FR search: just search on keyword "windowspinglist".

[gaijin]

GayMuzzie doesn’t like the Samizdat, wants the MSM monopoly back.

[butlerweave]

This is nothing compared to what’s going to happen when Obama gives the Internet to the United Nations

[mrsmith]

‘So something needs attention, and soon. ‘

Yeah, the perps.
This is no different than blowing up a ‘brick and mortar’ utility.

[Alas Babylon!]

Yup. It is a big deal. 3 of out 13 is too many. We need to add more roots servers.

[TChad]

Another article:

http://arstechnica.com/security/2015/12/attack-flooded-internet-root-servers-with-5-million-queries-a-second/

From that article:

A large botnet of infected computers or other Internet-connected devices is the most plausible explanation for such an attack. That would explain how the attack occurred, but it doesn't shed any light on why it was carried out. It has also renewed calls for networks to implement BCP 38, an Internet Engineering Task Force standard for defeating IP address spoofing. Many networks enforce it, but some still don't, and they're the ones making such attacks possible.

From that article's comments:

For anybody who was wondering, BCP 38 is a 15 year old proposal, and it's pretty straightforward to implement - in most cases it'd be a single firewall rule on an ISP's customer-facing router(s).

There's no justification for not implementing it basically everywhere.

[Jim Robinson]

Oh, this is bad. We should turn control of the internet over to the UN so it can be more secure. /s

[Dallas59]

I blame climatey changey.

[CitizenUSA]

I hadn’t heard about this. I’m no expert but I have had some professional networking training. I agree this is very serious but not at all unexpected. America is very, very dependent on the Internet these days.

[logi_cal869]

For the non-geeks:

Bookmark
209.157.64.200
&
209.157.64.201

Both’ll get you to FR without regard to DNS server problems. As well, you can get to other sites via their IP addresses. Domain Name Servers resolve the web address to the IP. When DNS fails for any reason, websites don’t load but usually will via IP.

This will get other IPs if you don’t know how to use your cmd interface
http://www.ip-tracker.org/

Create a separate folder for all your go-to websites via IPs with the name of the link being the URL and the shortcut address being the IP; it only takes minutes and reduces your reliance on tech that will ultimately fail again and cause you “Not found” or “Error” et al...

[rarestia]

It’s difficult to protect against a DDoS. There has to be a balance between security and functionality. The root servers are VERY busy and are not actually servers but farms of them. To jam up an entire DNS farm takes a very concerted effort.

[csvset]

China ? Russia ? Iran ? Obama Regime ? Israel? Heretofore unknown hacker group ? White Hats? Black Hats?

[ShadowAce]

[GOPJ]

... the internet's root servers as a group weathered this attack, two things are very troubling: It could happen again and bigger, They shouldn't have been that easy to knock offline. So something needs attention, and soon.

An Administration that couldn't create a web page to sell a product like health insurance might not be capable of understanding how important the issue is...

Liberal elites think they're smart because they have "airs, attitudes, and tone"... but little else. They're fools.

These are scary times.