nanog mailing list archives
Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet"
From: Joshua Goldbard <j () 2600hz com>
Date: Wed, 27 Mar 2013 19:18:29 +0000
That was a really big attack. The scary part is that it's all DNS reflection, meaning the attackers only need 3Gbps of bandwidth to generate 300Gbps of DDoS. Imagine if they compromised some of the medium sized corporate networks along with these Botnets. I don't know if the exchanges could hold up against 1Tbps of DDoS, and the difference between 300 and 1000Gbps is not a lot. While I'm excited that CloudFlare is doing such a good job bringing this to the attention of the masses I can't help but feel that this is essentially a time bomb. If this attack was an order of magnitude larger, things might be very different. Cheers, Joshua Sent from my iPhone On Mar 27, 2013, at 12:10 PM, "Warren Bailey" <wbailey () satelliteintelligencegroup com> wrote:
Is someone pissed off at Spamhaus, or was the intention to packet them so hard their entire network ceased to exist so they can no longer offer DROP/RBL/xyz service? Seldom do hax0r nations target things without some type of "justification". I don't really care who is being internet murdered, I care why. It's probably the same people who have been posting news articles from Ashworth's email. On 3/27/13 11:44 AM, "Jay Ashworth" <jra () baylink com> wrote:http://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet Yes: 120 gigabits/second, primarily of DNS amplification traffic. Still think it's optional to implement BCP38 pervasively? Cheers, -- jra -- Jay R. Ashworth Baylink jra () baylink com Designer The Things I Think RFC 2100 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274
Current thread:
- Cloudflare, and the 120Gbps DDOS "that almost broke the Internet" Jay Ashworth (Mar 27)
- Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet" Warren Bailey (Mar 27)
- Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet" Joshua Goldbard (Mar 27)
- Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet" Paul Ferguson (Mar 27)
- Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet" Rich Kulawiec (Mar 27)
- Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet" John Curran (Mar 27)
- Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet" Joshua Goldbard (Mar 27)
- Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet" Warren Bailey (Mar 27)
- Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet" William Herrin (Mar 27)
- Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet" Warren Bailey (Mar 27)
- Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet" Jordan Michaels (Mar 27)
- <Possible follow-ups>
- Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet" Scott Weeks (Mar 27)
- Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet" William Herrin (Mar 27)
- Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet" Huasong Zhou (Mar 27)