[AusNOG] The shape of DDoS to come

Mark Newton newton at atdot.dotat.org
Thu Oct 27 11:35:09 EST 2016

On Oct 27, 2016, at 11:17 AM, Peter Tiggerdine <ptiggerdine at gmail.com> wrote:
> Is there any evidence to suggest that IoT devices played a part on this DDoS?

http://arstechnica.com/security/2016/09/botnet-of-145k-cameras-reportedly-deliver-internets-biggest-ddos-ever/ <http://arstechnica.com/security/2016/09/botnet-of-145k-cameras-reportedly-deliver-internets-biggest-ddos-ever/>

http://www.pcworld.com/article/3134039/hacking/chinese-firm-admits-its-hacked-products-were-behind-fridays-massive-ddos-attack.html <http://www.pcworld.com/article/3134039/hacking/chinese-firm-admits-its-hacked-products-were-behind-fridays-massive-ddos-attack.html>

> My understanding is we're still dealing with the same problem as ever; unpatched/secured desktops/routers/switches which when you consider how accessible large amounts of bandwidth is explain the increase in DDoS size.

No, we’re dealing with hundreds of thousands of tiny systems sending a handful of pps each, using reference firmware sourced from a single supplier (in this case: Hangzhou Xiongmai Technology), installed in devices which don’t provide firmware upgrade methods, owned by users who have no idea they’re even running software.

  - mark

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20161027/39172cd1/attachment.html>

More information about the AusNOG mailing list