<div>
Almost certainly DNS queries on port 53. A DDOS attack is when thousands of machines all make many requests at once, exceeding the capacity of the service in question to respond to genuine queries.
</div>


<div>
Did they publish which name servers yet &nbsp;or does someone know the CIDR ranges?
</div>


<div>
When of if DYN publishes what the attack looked like, many Network admins will be able to identify if there were compromised hosts from their own network. LearnCTX you offered some possible scenarios, but they are guesses for now. &nbsp;It could have also been a DIG request in which the request is small but the reply is huge.
</div>


<div>
You can check out the article which has the analysis - mainly on &quot;DNS Water Torture&quot; and &quot;GRE IP and Ethernet Floods&quot;. This is closely related to the Mirai botnet
<blockquote>
Mirai’s attack function enables it to launch HTTP floods and various network (OSI layer 3-4) DDoS attacks. <br />
<br />
For network layer assaults, Mirai is capable of launching GRE IP and GRE ETH floods, as well as SYN and ACK floods, STOMP (Simple Text Oriented Message Protocol) floods, DNS floods and UDP flood attacks.
</blockquote>
<br />
<a href="https://f5.com/about-us/news/articles/mirai-the-iot-bot-that-took-down-krebs-and-launched-a-tbps-ddos-attack-on-ovh-21937" rel="ugc">https://f5.com/about-us/news/articles/mirai-the-iot-bot-that-took-down-krebs-and-launched-a-tbps-ddos-attack-on-ovh-21937</a><br />
<a href="https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html" rel="ugc">https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html</a>
</div>


<div>
<div class="content wysiwyg-content">
Does anyone know the type of traffic (protocol and ports) that the bots were programmed to use to attack dyn name servers?<br />
Not sure if they published that yet.
</div>
</div>


Does anyone know the type of traffic (protocol and ports) that the bots were programmed to use to attack dyn name servers?
Not sure if they published that yet.

DDOS against DYN

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.