[AusNOG] Global internet slows after 'biggest attack in history'
Damian Guppy
the.damo at gmail.com
Thu Mar 28 13:50:28 EST 2013
You need to keep in mind that the worse that Cloudflare makes this attack
seem, the better it makes them look for being able to mitigate it. 300gbps
is actually not that much on the scale of global backbone traffic (the
actualy amount of traffic hitting cloudflare only reached 120Gbps anyway),
Australia has much higher international capacity than that. Also DDOS
attacks are rearly sustained over more than a few hours, in the case of the
cloudflare attack it was more like waves of attacks lasting 4-5 hours each,
some big some small.
If some one pointed that kind of botnet attack at Australia the impact
might be degraded internet speeds on some ISP's for a few hours until
either the attack started to subside or for the ISP's NOC (and their
upstream providers - they dont want to carry the traffic any more than the
ISP does) to implement mitigations. You certainly would not be without
total internet access for weeks and weeks on end like what happens if a
critical exchange burns to the ground.
--Damian
On Thu, Mar 28, 2013 at 8:52 AM, Tom Paseka <tom at cloudflare.com> wrote:
> Definitely. Some ISPs may have enough capacity to soak up this traffic
> internationally, but not to carry it to Australia.
>
> On Wed, Mar 27, 2013 at 5:18 PM, Joshua D'Alton <joshua at railgun.com.au>wrote:
>
>> Nice writeup.
>>
>> It seems they are focusing alot on the open resolver issue, but that is
>> only half or 1/3rd of the coin. The other problem is people being able to
>> send all these forged packets in the first place, and beyond that, have so
>> many tcp connections.
>>
>> There are only a few ISPs globally outside of the tier1 and some tier2
>> that could handle such an attack, I think telstra (and subsequently all AU
>> isps) would crumble easily under such an attack, and I might be wrong,
>> please someone tell me I am, but we could be hit at any moment and with
>> ramifications far above that of the Warnambool fire?
>>
>>
>> On Thu, Mar 28, 2013 at 7:44 AM, Peter Adkins <
>> peter.adkins at kernelpicnic.net> wrote:
>>
>>> There's an interesting write up on the matter on the CloudFlare blog at
>>> the moment -
>>> http://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet
>>>
>>> (The Massive Attack picture is a nice touch).
>>>
>>>
>>>
>>> On Thu, Mar 28, 2013 at 1:29 AM, ComKal Networks <admin at comkal.com.au>wrote:
>>>
>>>> <http://www.bbc.co.uk/news/technology-21954636>
>>>>
>>>> <QUOTE>
>>>> The internet around the world has been slowed down in what security
>>>> experts are describing as the biggest cyber-attack of its kind in history.
>>>> </QUOTE>
>>>>
>>>>
>>>> Cheers
>>>> Ian Manners
>>>> ComKal Networks Australia
>>>>
>>>> _______________________________________________
>>>> AusNOG mailing list
>>>> AusNOG at lists.ausnog.net
>>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>>
>>>
>>>
>>> _______________________________________________
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net
>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>
>>>
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130328/749441b0/attachment.html>
More information about the AusNOG
mailing list