[AusNOG] What are we going to do about IoT (in)security?
Roland Dobbins
rdobbins at arbor.net
Mon Jun 12 12:21:30 EST 2017
On 12 Jun 2017, at 9:09, Mark Delany wrote:
> About 1Tb/s over a week or so at a few targets?
There've been no verified DDoS attacks of this size, yet, FYI. A lot of
unsupported claims in the media, but that's it.
What we find is that often organizations don't have a good baseline of
their usual traffic, and so they end up adding DDoS attack traffic on
top of their usual traffic, for an inflated number. And in many cases,
such as a DNS server or TCP-based service (like a Web server) subject to
a successful attack, legitimate clients commence re-trying when the
service is unavailable, and that traffic is mistakenly interpreted as
attack traffic.
> Kinda chicken-feed compared to the capability, no?
I agree that there's a lot more to come. But 'waiting to happen'
implies there isn't already a significant problem - when clearly there
is, and has been for many years.
-----------------------------------
Roland Dobbins <rdobbins at arbor.net>
More information about the AusNOG
mailing list