I use EasyDNS, but this issue didn't affect me personally.<p>EasyDNS has built-in integration with Amazon's Route53, which will automatically push your DNS records to Amazon when you change them on the website. What I've done is used the 3 EasyDNS nameservers along with 3 from Route53. When one service is being DoS'ed, the requests will timeout and move to the next nameserver.
Posting this thread here, because HN uses EasyDNS.<p>If you have problem accessing HN, here are IPs, that you can put in your /etc/hosts file:<p><pre><code> 67.23.12.57 ycombinator.com
174.132.225.106 news.ycombinator.com
</code></pre>
or you can just wait, until attack is over.
I wonder if it's the same Chinese source as the attack on DNSMadeEasy in November and December? It was a multiple-gigabit, sustained attack on hundreds of thousands of domains. 4 of my domains were part of it, and I had to move them to another DNS provider to avoid going over my 10 million monthly queries limit.<p>I didn't really hear anything about it except from another DME customer that posted on HN. DME never even informed anyone about the attack.
Status of EasyDNS is also posted on twitter:<p><a href="https://twitter.com/#!/easyDNS" rel="nofollow">https://twitter.com/#!/easyDNS</a><p>There is more information about that attack than on status blog:<p><pre><code> "The attack is multi-faceted, multi-gb/sec SYN flood, ICMP and DNS flood.
Working with Prolexic to get DNS2 back online ASAP"
"We are still taking heat. We expect that to drop over time.
We are still putting in mitigation and workarounds."</code></pre>
The blog seems to have gone down. It's just a blog entry that says:<p>> We are currently experiencing an Denial of Service Attack against DNS1, DNS2 and DNS3 anycast strands.<p>> We are working on mitigation and will post updates as they become available.
Do these type of attacks typically occur from some state-run organized cluster of computers, or are they from zombied/infected "run of the mill" boxes on everyone's desktop?