Digital Spy

Search Digital Spy
 

DS Forums

 
 

Biggest ever DDoS against Spamhaus


Reply
Thread Tools Search this Thread
Old 27-03-2013, 16:19
flagpole
Inactive Member
 
Join Date: Jan 2003
Posts: 43,524

Apparently the worlds biggest ever DDoS attack is taking place against Spamhaus's DNS servers.

It's been provoked by duch host Cyberbunker who were annoyed at being blacklisted. (should probably stop sending spam then)

They've been receiving 300Gbps. which is huge.

The reason i wanted to bring this to your attention is that Cloudflare (DDoS mitigation experts) wrote a really interesting blog article about how they've been able to mitigate it.

http://blog.cloudflare.com/the-ddos-...offline-and-ho

bit of a read but it explains a lot about DDoS and DDoS mitigation. how attackers are able to amplify their bandwidth. well worth a read.
flagpole is offline   Reply With Quote
Please sign in or register to remove this advertisement.
Old 27-03-2013, 18:07
Fousty-McFish
Forum Member
 
Join Date: Sep 2011
Posts: 111
Interesting stuff even if some of it is way over my head !
Fousty-McFish is offline   Reply With Quote
Old 27-03-2013, 20:57
JeffG1
Forum Member
 
Join Date: Jan 2005
Location: Newbury
Posts: 4,805
This was actually mentioned on the BBC 6 o'clock radio news. It said it caused a world-wide internet slowdown.
JeffG1 is offline   Reply With Quote
Old 27-03-2013, 21:10
flagpole
Inactive Member
 
Join Date: Jan 2003
Posts: 43,524
300Gbps is a lot for DDoS. But I don't know how it compares to regular traffic.
flagpole is offline   Reply With Quote
Old 27-03-2013, 21:13
IvanIV
Forum Member
 
Join Date: May 2006
Posts: 20,893
I have read about the DNS reflection already, it seems to be a very popular method of DDoS. A very effective way to generate a lot of traffic.
IvanIV is offline   Reply With Quote
Old 27-03-2013, 21:20
flagpole
Inactive Member
 
Join Date: Jan 2003
Posts: 43,524
It is. It's an interesting parallel between open DNS resolvers and open SMTP relays.

There is a new blog post about it.

http://blog.cloudflare.com/the-ddos-...e-the-internet
flagpole is offline   Reply With Quote
Old 27-03-2013, 21:31
d'@ve
Forum Member
 
Join Date: Oct 2003
Location: Darn Sarf
Posts: 20,315
Apparently the worlds biggest ever DDoS attack is taking place against Spamhaus's DNS servers.
IS taking place?

www.spamhaus.org is up and online right now, and the source articles about it seem to be a week old (apart from the BBC's belated report).

No Internet slowing noticed at my house, either. If this kind of DDOS attack becomes too common, major ISPs will have to collectively take action to block the methods used, by closing their server/DNS resolver holes etc. used by the mildly irritating little pricks who launch such attacks.
d'@ve is offline   Reply With Quote
Old 27-03-2013, 21:36
IvanIV
Forum Member
 
Join Date: May 2006
Posts: 20,893
1.5Tbps peaks. Imagine how much porn could not get through because of this
IvanIV is offline   Reply With Quote
Old 27-03-2013, 21:37
flagpole
Inactive Member
 
Join Date: Jan 2003
Posts: 43,524
IS taking place?

www.spamhaus.org is up and online right now, and the source articles about it seem to be a week old (apart from the BBC's belated report).

No Internet slowing noticed at my house, either. If this kind of DDOS attack becomes too common, major ISPs will have to take action to block the methods used, by closing their server holes used by the annoying little pricks who launch such attacke.
Yes IS.

Read the second blog article I linked to.
flagpole is offline   Reply With Quote
Old 27-03-2013, 21:41
d'@ve
Forum Member
 
Join Date: Oct 2003
Location: Darn Sarf
Posts: 20,315
Yes IS.

Read the second blog article I linked to.
I just did. However...

www.spamhaus.org - up and running.

As I said, if the mildly irritating spam lovers who liaise with little DDOS boys to do this kind of thing become too much of a problem, the holes they depend on (which shouldn't exist anyway) will eventually be closed. "Can't be bothered" will turn into "better do something, damn".
d'@ve is offline   Reply With Quote
Old 27-03-2013, 21:41
flagpole
Inactive Member
 
Join Date: Jan 2003
Posts: 43,524
1.5Tbps peaks. Imagine how much porn could not get through because of this
That'll be the back lash. No body will care, linx went down, who gives a shit. Your porn might start buffering. What!? I demand action.
flagpole is offline   Reply With Quote
Old 27-03-2013, 21:46
flagpole
Inactive Member
 
Join Date: Jan 2003
Posts: 43,524
I just did.

www.spamhaus.org - up and running.

As I said, if the mildly irritating spam lovers who liaise with little DDOS boys to do this kind of thing become too much of a problem, the holes they depend on (which shouldn't exist anyway) will eventually be closed. "Can't be bothered" will turn into "better do something, damn".
It never went down. The site was up as soon add cloudflare took over. But the block lists stopped updating.

I think you are right to an extent that these things are seen as an irritation. If they do real damage they will find they have teak world problems. It's ironic that if they hadn't protected linx and it went down it would probably have been the end of them.

Incidentally the post is 4 hours old. Not a week.
flagpole is offline   Reply With Quote
Old 27-03-2013, 21:55
d'@ve
Forum Member
 
Join Date: Oct 2003
Location: Darn Sarf
Posts: 20,315
Incidentally the post is 4 hours old. Not a week.
The first one you linked to, which is what I then referred to, is a week old.
d'@ve is offline   Reply With Quote
Old 27-03-2013, 22:13
flagpole
Inactive Member
 
Join Date: Jan 2003
Posts: 43,524
The first one you linked to, which is what I then referred to, is a week old.
The story has been developing. I thought I was pretty clear that I thought people might be interested in reading about ddos in the context of what was currently happening.

If you want to give me your number I'll run my future threads past you. Make sure I don't make any more mistakes.
flagpole is offline   Reply With Quote
Old 27-03-2013, 22:46
d'@ve
Forum Member
 
Join Date: Oct 2003
Location: Darn Sarf
Posts: 20,315
The story has been developing. I thought I was pretty clear that I thought people might be interested in reading about ddos in the context of what was currently happening.

If you want to give me your number I'll run my future threads past you. Make sure I don't make any more mistakes.
Oh for gods sake, I know that. The only point I was making was that it's taken the BBC (which someone mentioned before my first post) a week to pick up on the story - no need to be so melodramatic.
d'@ve is offline   Reply With Quote
Old 27-03-2013, 22:49
flagpole
Inactive Member
 
Join Date: Jan 2003
Posts: 43,524
Oh for gods sake! The only point I was making was that it's taken the BBC a week to pick up on this - no need to be so melodramatic.
But it hasn't. It hasn't taken me or the BBC a week to pick up on it.
flagpole is offline   Reply With Quote
Old 27-03-2013, 22:50
d'@ve
Forum Member
 
Join Date: Oct 2003
Location: Darn Sarf
Posts: 20,315
Jeez. Dog, bone.

Good evening, better things to do.
d'@ve is offline   Reply With Quote
Old 27-03-2013, 22:53
flagpole
Inactive Member
 
Join Date: Jan 2003
Posts: 43,524
Jeez. Dog, bone.

Good evening, better things to do.
Well you see I have noticed that you trend to assume people are stupid. In this case me and the BBC.
flagpole is offline   Reply With Quote
Old 27-03-2013, 23:01
Helbore
Forum Member
 
Join Date: Nov 2005
Posts: 9,834
Considering how much time I waste dealing with Spamhaus false-positives f*cking my clients' email delivery, I feel no sympathy for them.
Helbore is offline   Reply With Quote
Old 27-03-2013, 23:02
whoever,hey
Forum Member
 
Join Date: Mar 2006
Posts: 29,706
Its bloody clever. I remember reading about this many-many DDoS when my server got DoS attacked last year. It was strangely quite a proud moment when it was deemed significant enough
whoever,hey is offline   Reply With Quote
Old 28-03-2013, 13:00
cnbcwatcher
Forum Member
 
Join Date: Sep 2008
Location: Avoiding Labour Law lecturers
Posts: 50,082
I'm noticing slower internet now. Some websites are completely inaccessible or they're very slow to load. Is anyone else noticing it?
cnbcwatcher is offline   Reply With Quote
Old 28-03-2013, 13:23
flagpole
Inactive Member
 
Join Date: Jan 2003
Posts: 43,524
I'm noticing slower internet now. Some websites are completely inaccessible or they're very slow to load. Is anyone else noticing it?
i keep thinking i notice that. but then i'm not sure if i'm imagining it.
flagpole is offline   Reply With Quote
Old 28-03-2013, 14:06
IvanIV
Forum Member
 
Join Date: May 2006
Posts: 20,893
I think somebody should attack this way those dodgy DNS servers to make those people realise what time bombs they are running. Nobody changes anything otherwise.
IvanIV is offline   Reply With Quote
Old 28-03-2013, 14:12
flagpole
Inactive Member
 
Join Date: Jan 2003
Posts: 43,524
I think somebody should attack this way those dodgy DNS servers to make those people realise what time bombs they are running. Nobody changes anything otherwise.
they said there are 21m i think. though if they are being used for the largest attack in history they must have extra load.

i thought it was a bit odd that the blog suggested people check their server, but didn't have a link as to how.
flagpole is offline   Reply With Quote
Old 28-03-2013, 14:48
cnbcwatcher
Forum Member
 
Join Date: Sep 2008
Location: Avoiding Labour Law lecturers
Posts: 50,082
i keep thinking i notice that. but then i'm not sure if i'm imagining it.
I don't think I'm imagining it. I haven't been able to access my university email all day and I've also had trouble with various news sites.
cnbcwatcher is offline   Reply With Quote
 
Reply



Thread Tools Search this Thread
Search this Thread:

Advanced Search

 
Forum Jump


All times are GMT +1. The time now is 00:56.