[AusNOG] census issues tonight

Robert Hudson hudrob at gmail.com
Wed Aug 10 17:15:04 EST 2016 

Assuming they really did suffer a DDoS attack from overseas.

That appears to be an assumption which is proving hard to support...

On 10 Aug 2016 4:50 PM, "J Williams" <jphwilliams at gmail.com> wrote:

> In hindsight, they could have blocked international access via their
> upstream providers. This would have avoided almost all issues whilst still
> reaching almost all of the audience.
>
> Regards,
> Julian
>
> On Wed, Aug 10, 2016 at 4:11 PM, Paul Wilkins <paulwilkins369 at gmail.com>
> wrote:
>
>> Well here's the thing. Supposedly the Census site had capacity to serve
>> say 10M Australian clients.
>>
>> So if your architecture has its ducks in a row, you have a dedicated
>> resource pool(s) for Australian IPs. Now someone has to come up with a
>> botnet with > 10M Australian based IPs.
>>
>> Any overseas botnet will just disable access for the stragglers resource
>> pool, either overseas or on VPNs.
>>
>> Get the architecture right, and the operations takes care of itself.
>>
>> Kind regards
>>
>> Paul Wilkins
>>
>> On 10 August 2016 at 16:03, Mark Delany <g2x at juliet.emu.st> wrote:
>>
>>> > Mark,
>>> > If your point is that if an attacker can flood a server with traffic,
>>> the
>>> > DOS will succeed, then we agree.
>>>
>>> There are plenty of other resources to exhaust besides traffic
>>> capacity, but ok.
>>>
>>> > The point is to ensure that your attacker has an upper limit to
>>> resources
>>> > available to them on the server. This is much harder to achieve with
>>> HTTPS,
>>> > where you can't successfully create a session with a spoofed IP.
>>>
>>> True. But bots don't need to spoof IPs. Nor recipients of IMG
>>> tags. What makes you think the so-called DOS was based on spoofed IPs
>>> anyway? I don't think I made any mention of it.
>>>
>>> Point being, excepting the very largest destinations, it's not that
>>> hard to acquire more bot capacity than your target's server capacity.
>>>
>>>
>>> Mark.
>>> _______________________________________________
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net
>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>
>>
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160810/68a4b648/attachment.html>

More information about the AusNOG mailing list