Re: Level 3 voice outage

[Marco Teixeira <admin () marcoteixeira com>]

I won't believe a company like Level3 would not deploy backplane
protection/policing on routers. Also, 1Tb/s aggregated DDoS towards OVH
network didn't pause or rebooted routers. And i guess both companies have
had their share of (D)DoS in the past, so they had the time to get up to
the challenge. Now... there where times where one malformed IP packet would
cause a memory leak leading to a router reboot... :)​




On Tue, Oct 4, 2016 at 8:23 PM, Mel Beckman <mel () beckman org> wrote:

> 765 Gbps per second directed at a router’s interface IP might give the
> router pause, so to speak :)
>
>  -mel
>
> On Oct 4, 2016, at 12:10 PM, Marco Teixeira <admin () marcoteixeira com>
> wrote:
>
> Multiple reboots across several markets... Does not seem something that
> full pipes would trigger. Had it been an approved chance it would have been
> rolled back i guess... On the other hand, a zero day could apply...
>
> Em 04/10/2016 19:54, "Mel Beckman" <mel () beckman org> escreveu:
>
> > Sure. The recent release of the IoT DDoS attack code in the wild.
> >
> >  -mel
> >
> > > On Oct 4, 2016, at 11:42 AM, Valdis.Kletnieks () vt edu wrote:
> > >
> > > On Tue, 04 Oct 2016 18:14:54 -0000, Mel Beckman said:
> > >
> > > > This could be DoS attack.
> > >
> > > Or a missing comma in a code update.
> > >
> > > Or a fumble-fingered NOC monkey.
> > >
> > > Or....
> > >
> > > You have any reason to suspect a DoS attack rather than all the other
> > > possibilities?