You suggest it's probing. Then how would the full scale attack look like? Also, how does probing help the perpetrators, doesn't it lead to better defenses in the future?
These attacks seem to be getting sophisticated faster than defenses are being thrown up. It might lead to better defenses in 5 or 10 years, but the Internet at large is built out of infrastructure is difficult and slow to upgrade. And is everyone scrambling for a solution? Not really... Most are taking the mentality "well sucks to by Dyn but it's not affecting me so I don't need to respond".
Especially because the vulnerabilities being exploited right now seem to by systemic. It's not like patching a zero day. "Uh... we've got 45,000,000 un-upgradeable IOT devices from dozens of different manufacturers executing a DoS attack". You can't fix that the same way you fix a privilege escalation bug in the linux kernel.
If the attackers end up finding the Internet's equivalent to a jugular, there might not be much we can do about it. BGP isn't going to be replaced in the next 10 years, it's here whether we like it or not. DNS is also not going to be replaced in the next 10 years. And neither are the major centralized internet exchange points. Any vulnerabilities an attacker can find related to the fundamental design of those things are going to remain vulnerabilities for many years. If the attacker can get good at exploiting them, we are in trouble.
Not sure what the disagreement is, seems logical. The attack knocked out service and presumably attackers recorded the failure threshold and mitigation attempt. Then recalibrated again to confirm/get more data and pushed another high vol attack.
because a number of high profile sites decided to put all their DNS eggs in a single, vulnerable basket does not make Dyn "critical internet infrastructure" nor this volumetric DDoS attack a "probe"
Who's next?