Early this morning (US East Coast time), CenturyLink started having problems with routes passing AS3356. This network is central in routing a large part of internet traffic, and the outage is still causing problems for many services like for example OpenDNS, Duo Security, Cloudflare, Imperva (a service SANS, and isc.sans.edu uses). At this point, there is no indication that this is an attack. This looks so far like a misconfiguration or maybe a hardware failure. If a network like AS3356 has problems handling traffic, a typical response is to route traffic via a different network. As a customer of CenturyLink, you would disconnect from CenturyLink, and instead, advertise your IP address space via a different backup ISP. It looks like this failed for two reasons in many cases:
What can you do about this as an end-user? Not much. Wait for CenturyLink to find a network engineer who is fluent enough in BGP to fix this. Some customers of CenturyLink report estimated times to resolution quoted at 1 pm ET. But there is no public acknowledgment of this time. I have seen some traffic come back to ISC/Imperva. For ISC, we also have dshield.org which does not appear to be affected (different ISP setup). You may want to disable affected services like OpenDNS as they may make things worse. Google DNS appears to be working. You could also decide to not require 2FA if you rely on a service like Duo. But I will live that risk decision up to you. And attackers could take advantage of widespread disabling of Duo. Also: the companies I named here are just some notable once I ran across as affected. There are likely more. --- |
Johannes 4479 Posts ISC Handler Aug 30th 2020 |
Thread locked Subscribe |
Aug 30th 2020 1 year ago |
Comcast appears to have been seriously impacted by this as well. We saw issues from 6:05 AM until 10:18 AM Eastern Daylight Savings time today.
|
Anonymous |
Quote |
Aug 30th 2020 1 year ago |
Sign Up for Free or Log In to start participating in the conversation!