[AusNOG] census issues tonight

Paul Wilkins paulwilkins369 at gmail.com
Wed Aug 10 16:11:01 EST 2016


Well here's the thing. Supposedly the Census site had capacity to serve say
10M Australian clients.

So if your architecture has its ducks in a row, you have a dedicated
resource pool(s) for Australian IPs. Now someone has to come up with a
botnet with > 10M Australian based IPs.

Any overseas botnet will just disable access for the stragglers' resource
pool, either overseas or on VPNs.

Get the architecture right, and the operations takes care of itself.

Kind regards

Paul Wilkins

On 10 August 2016 at 16:03, Mark Delany <g2x at juliet.emu.st> wrote:

> > Mark,
> > If your point is that if an attacker can flood a server with traffic, the
> > DOS will succeed, then we agree.
>
> There are plenty of other resources to exhaust besides traffic
> capacity, but ok.
>
> > The point is to ensure that your attacker has an upper limit to resources
> > available to them on the server. This is much harder to achieve with HTTPS,
> > where you can't successfully create a session with a spoofed IP.
>
> True. But bots don't need to spoof IPs. Nor recipients of IMG
> tags. What makes you think the so-called DOS was based on spoofed IPs
> anyway? I don't think I made any mention of it.
>
> Point being, excepting the very largest destinations, it's not that
> hard to acquire more bot capacity than your target's server capacity.
>
>
> Mark.
>
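The pool separation described in the message above, sketched as an added example that is not part of the original thread or any poster's code. The prefixes, pool names, capacities and the `PoolAdmission` class are assumptions constructed for illustration; it shows that sessions from outside the domestic prefixes can only fill the straggler pool, and that each pool is still bounded by its own capacity.

```python
import ipaddress

# Constructed prefixes (RFC 5737 documentation ranges) standing in for a
# real list of Australian address space; building that list is assumed.
DOMESTIC_PREFIXES = [ipaddress.ip_network(p)
                     for p in ("192.0.2.0/24", "198.51.100.0/24")]


class PoolAdmission:
    """Per-pool session slots, so a full pool cannot starve another pool."""

    def __init__(self, capacity):
        self.capacity = dict(capacity)            # pool name -> max sessions
        self.active = {name: 0 for name in capacity}

    @staticmethod
    def classify(src):
        addr = ipaddress.ip_address(src)
        if any(addr in net for net in DOMESTIC_PREFIXES):
            return "domestic"
        return "straggler"                        # overseas, VPN or unknown

    def admit(self, src):
        """Return (pool, admitted) for a new session from address src."""
        pool = self.classify(src)
        if self.active[pool] >= self.capacity[pool]:
            return pool, False                    # only this pool is full
        self.active[pool] += 1
        return pool, True


def simulate():
    """Constructed scenario: overseas flood first, then domestic clients."""
    gate = PoolAdmission({"domestic": 5, "straggler": 2})
    flood = [gate.admit(f"203.0.113.{i}")[1] for i in range(100)]
    locals_ok = [gate.admit(f"192.0.2.{i}")[1] for i in range(1, 6)]
    return {
        "flood_admitted": sum(flood),
        "domestic_admitted": sum(locals_ok),
        "late_overseas": gate.admit("203.0.113.200"),
        "sixth_domestic": gate.admit("198.51.100.9"),
    }


if __name__ == "__main__":
    for key, value in simulate().items():
        print(key, value)
```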