[AusNOG] census issues tonight

Alan Maher alanmaher at gmail.com
Wed Aug 10 19:04:14 EST 2016 

I am familiar with this. IBM stands for "I've Been Moved". In fact, I 
have almost forgotten the number of IBM reunions that I have seen.

Ultimately, the cause will be investigated, sanitised, and eventually 
released as a PR Blurb. This par for any Govt. around the globe.

Why do I not seem surprised? Seen it all before, more than once.


On 10/08/2016 8:33 p.m., Simon Sharwood wrote:
> FWIW I know several IBMers recently made redundant. They say that 
> anyone on decent money and with a couple of decades experience has 
> been let go to save on wages. The folks left behind are bright, but 
> inexperienced. Which may be why the mitigations discussed above 
> weren't employed.
>
> The thing that will be interesting in the washup is whether the 
> ABS/McGibbon ever admit this was hostile action.
>
> McGibbon is currently saying DDOSes are not any form of attack, just a 
> blocking action. I think a truckies blockade is a better example. Or 
> perhaps a zombie truckie blockade.
>
> One last thing: ever security vendor capable of spelling DDOS is 
> contacting media today saying they can explain this crisis away and 
> keep you all out of the headlines.
>
> S.
>
> On Wed, Aug 10, 2016 at 4:49 PM, J Williams <jphwilliams at gmail.com 
> <mailto:jphwilliams at gmail.com>> wrote:
>
>     In hindsight, they could have blocked international access via
>     their upstream providers. This would have avoided almost all
>     issues whilst still reaching almost all of the audience.
>
>     Regards,
>     Julian
>
>     On Wed, Aug 10, 2016 at 4:11 PM, Paul Wilkins
>     <paulwilkins369 at gmail.com <mailto:paulwilkins369 at gmail.com>> wrote:
>
>         Well here's the thing. Supposedly the Census site had capacity
>         to serve say 10M Australian clients.
>
>         So if your architecture has its ducks in a row, you have a
>         dedicated resource pool(s) for Australian IPs. Now someone has
>         to come up with a botnet with > 10M Australian based IPs.
>
>         Any overseas botnet will just disable access for the
>         stragglers resource pool, either overseas or on VPNs.
>
>         Get the architecture right, and the operations takes care of
>         itself.
>
>         Kind regards
>
>         Paul Wilkins
>
>         On 10 August 2016 at 16:03, Mark Delany <g2x at juliet.emu.st
>         <mailto:g2x at juliet.emu.st>> wrote:
>
>             > Mark,
>             > If your point is that if an attacker can flood a server
>             with traffic, the
>             > DOS will succeed, then we agree.
>
>             There are plenty of other resources to exhaust besides traffic
>             capacity, but ok.
>
>             > The point is to ensure that your attacker has an upper
>             limit to resources
>             > available to them on the server. This is much harder to
>             achieve with HTTPS,
>             > where you can't successfully create a session with a
>             spoofed IP.
>
>             True. But bots don't need to spoof IPs. Nor recipients of IMG
>             tags. What makes you think the so-called DOS was based on
>             spoofed IPs
>             anyway? I don't think I made any mention of it.
>
>             Point being, excepting the very largest destinations, it's
>             not that
>             hard to acquire more bot capacity than your target's
>             server capacity.
>
>
>             Mark.
>             _______________________________________________
>             AusNOG mailing list
>             AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
>             http://lists.ausnog.net/mailman/listinfo/ausnog
>             <http://lists.ausnog.net/mailman/listinfo/ausnog>
>
>
>
>         _______________________________________________
>         AusNOG mailing list
>         AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
>         http://lists.ausnog.net/mailman/listinfo/ausnog
>         <http://lists.ausnog.net/mailman/listinfo/ausnog>
>
>
>
>     _______________________________________________
>     AusNOG mailing list
>     AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
>     http://lists.ausnog.net/mailman/listinfo/ausnog
>     <http://lists.ausnog.net/mailman/listinfo/ausnog>
>
>
>
>
> -- 
> Simon Sharwood | JargonMaster Corporate Communications |
> M +61 (0)414 37 37 26 |
> E simon at jargonmaster.com <mailto:simon at jargonmaster.com> | W 
> www.jargonmaster.com <http://www.jargonmaster.com>
> 24 North Street Marrickville NSW 2204 AUSTRALIA
> ABN: 14743763968
> Work blog: jargonmaster.wordpress.com <http://jargonmaster.wordpress.com>
> Free/Busy details: http://www.jargonmaster.com/calendar/
> I'm a member of DHBC.org.au <http://DHBC.org.au> and a vExpert
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog



---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160810/305d29ed/attachment.html>

More information about the AusNOG mailing list