Afrihost, MTN Internet problems explained: it was a cyber-attack

Paul Hjul

Honorary Master
Joined
Aug 31, 2006
Messages
14,902
I also like the fact that the problem was fixed first and investigated before running to the "cyber attack" / "missing bolt" / "malicious hacker" mode. It means they are providing the reason for an incident and have taken ownership of a problem not of their making. I particularly appreciate the admission that there was a bug in the system that came to the fore because of the DDOS attack and the fact that it is clear that the system will be modified according to the best practice on the revised evidence - this is how these things get better.

Of course - and Afriguy should be able to predict this - I would argue that this fortifies the case for them to get a dog as I am sure AfriDog patrolling the server room could have come in handy; unless he decided to mark his territory on one of the racks.
 

AfriMan

Afrihost Representative
Company Rep
Joined
May 24, 2012
Messages
17,240
I also like the fact that the problem was fixed first and investigated before running to the "cyber attack" / "missing bolt" / "malicious hacker" mode. It means they are providing the reason for an incident and have taken ownership of a problem not of their making. I particularly appreciate the admission that there was a bug in the system that came to the fore because of the DDOS attack and the fact that it is clear that the system will be modified according to the best practice on the revised evidence - this is how these things get better.

Of course - and Afriguy should be able to predict this - I would argue that this fortifies the case for them to get a dog as I am sure AfriDog patrolling the server room could have come in handy; unless he decided to mark his territory on one of the racks.

It was a really unfortunate incident. Reality is with DOS attacks there is really not much that one can do, or actions that can be taken. But with MTN's resources, it's a reassuring feeling to know that they will do everything they can to beef up their systems and security.
 

LazyLion

King of de Jungle
Joined
Mar 17, 2005
Messages
103,683
Maybe somebody is still upset over MTN's deal with Iran?
Cyber revenge?
 

magneto

Senior Member
Joined
Aug 3, 2005
Messages
750
hmmm interesting. last Sunday China's .cn cc TLD Domain servers were hit by similar DDOS attack

@AfriMan
what was the Attack Peak volume?

update Q
also what was the queries peak per sec?
 
Last edited:

Skerminkel

Expert Member
Joined
Dec 3, 2008
Messages
3,691
He said that during the outage there was great communication from MTN to Afrihost. “We hope that we in turn did a fairly good job in communicating what was going on during the outage,” Payne said

Tue that. And great communication from Afrhost to clients. Received sms and email and tweets every 5 min. It also helped that I wasn't using my connection at the time - away from home ;)
 

uchoose

Senior Member
Joined
May 19, 2009
Messages
641
I use Google public DNS only because I read an article on how to speed up your browsing experience. Google FAQ's will help if you want to do it - https://developers.google.com/speed/public-dns/faq#whatis. And to check if it is much faster you can use this free test software from google http://code.google.com/p/namebench/. To be honest it is faster and looks like it is more secure than MTN's :), so unless afrihost can convince me otherwise I will stick with google public dns even though the test says Datapro ZA is 21% faster.
 

AfriMan

Afrihost Representative
Company Rep
Joined
May 24, 2012
Messages
17,240
hmmm interesting. last Sunday China's .cn cc TLD Domain servers were hit by similar DDOS attack

@AfriMan
what was the Attack Peak volume?

update Q
also what was the queries peak per sec?

I don't have that info. What I do know that is that it was fairly severe that it caused MTN the headaches that they experienced. These are some very tech-savvy and paranoid people who prepare for every possible eventuality, so it's really hard to catch them off-guard.

The issue did highlight a few improvements that could be made on their side and our side, and we'll be looking at implementing those as quickly as possible, if they haven't been done already. Considering the kind of issue they were dealing with, I think the guys really pushed the limits and managed to turn this around in a pretty good time. As far as DOS attacks go, it's generally an issue than no ISP ever wants to get a lot of practice with.

Let's hope the DOSers out there have turned their focus elsewhere :(
 
Top