A quick post to thank everyone who has added their story Gift of Safe so far. That’s Judi, Paul, Daniel, Tom, Al, Trey, Alek, Rick, Michelle, Eddy and Chai.

Thanks also to those of you who have given the Gift of Safe by sending an e-mail from the site to family and friends. It’s a great holiday gift and I’m confident those who’ve received it appreciate it.

If you haven’t yet told us who you’d keep safe from phishing, please do! Add your story by sending an e-mail to giftofsafe at opendns dot com. I’ll get the e-mail and make sure your story is added to the site as soon as possible. Most people have sent a picture, either of the person they would protect or the two of them together. A picture is certainly not required, but makes your story more interesting for others to read.

Looking forward to hearing from you soon!

When we all head back into the office on Monday we’ll update this post with a more accurate and complete explanation of the recent DDoS against EveryDNS, another DNS service, which I started over five years ago. For the moment, I’m working to get everything back in order and spend a few hours of the weekend relaxing.

There are a couple of facts which I’d like to clarify:

1. OpenDNS’ recursive DNS service was never affected during this attack against EveryDNS. The two companies run on completely different servers in different datacenters.
2. The OpenDNS website was affected for a short period of time, approximately 30 minutes, because OpenDNS used EveryDNS for authoritative DNS services. We had a separate DNS architecture in place which we had not yet transitioned the opendns.com domain over to. We immediately did that and service to the website was restored quickly.
3. The attack against EveryDNS was not related to our efforts in running PhishTank, our community anti-phishing effort. PhishTank was not affected at all during the attack.
4. The combined DDoS against all of the EveryDNS infrastructure was in excess of 1.2gbps. While attacks of that size are not impossible to defeat, EveryDNS was unprepared for such an attack. Steps were quickly taken to restore access throughout the attack. Going forward, EveryDNS will likely deploy a network that more closely resembles the architecture behind OpenDNS.

Hopefully this helps answer some of the common questions and misconceptions we’ve been seeing asked to us. We’ll provide more details when they are released over at EveryDNS.

I’ve just posted about this on the OpenDNS System Status site, but the OpenDNS.com website (and blog.opendns.com, etc.) were unavailable due to authoritative DNS failure for about 90 minutes earlier today, starting around 1pm PT (21:00 UTC). Here are the details.

I will repeat myself on a few key points.

First, OpenDNS’s speedy, reliable DNS was not affected. Our website is treated separately from our DNS, for this reason among others.

Second, the cause of the failure was a Denial of Service (DOS) attack on EveryDNS. David Ulevitch, CEO of OpenDNS, also owns and operates EveryDNS, but the two companies are separate. OpenDNS has used EveryDNS services, although we’ve now spread the authoritative DNS for OpenDNS more broadly as a result of this incident.

Third, the DOS attack on EveryDNS continues. It’s being actively worked on, as you can imagine. As we learn more, we’ll share it in this post, since I know other EveryDNS customers are interested, too.

Update: As of 9:30pm PT, December 1 (05:30 UTC December 2), EveryDNS is recovering. Still under attack, but mitigated. Status report on the EveryDNS home page. I’ll leave it to EveryDNS for updates from here on.

Note: you can bookmark or save our OpenDNS System Status site at http://208.67.219.60/ just for rare events like this, whether there is an authoritative or recursive DNS issue.

Check out our holiday campaign, The Gift of Safe.

We asked a handful of OpenDNS users who they would give the Gift of Safe to, or who they would keep safe from phishing. The answers are good - some are funny, some are touching, all are heartfelt.

I know there are lots of people who aren’t necessarily on your gift list, but who you would like to show your appreciation to. What better a gift than helping to keep them safe?

Give the Gift of Safe, and add your story.

Who would you protect?

http://www.thegiftofsafe.com