News: Cexx forums, with volunteers dedicated to helping you remove malware and stay protected
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
November 21, 2014, 17:31:10
Pages: [1]   Go Down
  Print  
Topic: DDoS attacks ...  (Read 1964 times)
0 Members and 1 Guest are viewing this topic.
« on: September 13, 2006, 06:41:25 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8402



FYI...

- http://www.informationweek.com/shared/printableArticle.jhtml?articleID=192701817
September 12, 2006
"Large scale denial-of-service attacks, growing in size and increasing in frequency, are the biggest threats to Internet service providers, a security company said Tuesday. ISPs are spending more to defend against massive denial-of-service (DoS) attacks than they are protecting themselves against highly-publicized worm attacks, Lexington, Mass.-based Arbor Networks reported in its annual survey of major providers. According to the Arbor poll of 55 ISPs in North America, Europe, and Asia, multi-gigabit, supra-backbone DoS attacks are on the upswing. Providers, said Arbor, regularly report attacks beyond the capacity of core backbone sections of the Internet in the 10-20Gbps range. "This is driven by the proliferation of broadband Internet connectivity globally," the survey's report said. The bulk of these DoS attacks originate with botnets, collections of compromised computers that criminals have acquired by infecting them with Trojan horses through other means, such as e-mail, spyware, or malicious Web sites... Other findings in the report ranged from a pessimistic view of zombies -- "despite the best efforts of firewall, IDS, and OS vendors, there is no end in sight to the rise of millions of compromised systems available to participate in DoS," said the report -- to an admission that an ISP's cure for a DoS may be as bad as the attack itself. Most providers, for example, handle a DoS by filtering out all traffic to the victim. While that protects ISPs backbones from collapse, the tactic also blocks legitimate traffic to the victim domain..."
- http://www.arbornetworks.com/news_detail.php?id=719

 Shocked
« Last Edit: November 06, 2010, 04:56:15 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #1 on: November 05, 2010, 10:43:43 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8402



FYI...

DDoS attack severs Burma internet
- http://asert.arbornetworks.com/2010/11/attac-severs-myanmar-internet/
November 3, 2010 - "... Burma once again fell off the Internet. Over the last several days, a rapidly escalating, large-scale DDoS has targeted Burma’s main Internet provider, the Ministry of Post and Telecommunication (MPT), disrupting most network traffic in and out of the country... We estimate the Burma DDoS between 10-15 Gbps (several hundred times more than enough to overwhelm the country’s 45 Mbps T3 terrestrial and satellite links). The DDoS includes dozens of individual attack components (e.g. TCP syn, rst flood) against multiple IP addresses within MPT’s address blocks... Normally Burma traffic peaks around 100 Mbps. Over the course of the week, the rapidly escalating attack jumped into a sustained multi-gigabits per second... While DDoS against e-commerce and commercial sites are common (hundreds per day), large-scale geo-politically motivated attacks — especially ones targeting an entire country — remain rare with a few notable exceptions. At 10-15 Gbps, the Burma attack is also significantly larger than the 2007 Georgia (814 Mbps) and Estonia DDoS..."

- http://isc.sans.edu/tag.html?tag=ddos
___

DDoS attack growth over time
- http://farm6.static.flickr.com/5001/5251362493_44405848d2_b.jpg
DDoS attack vectors
- http://farm6.static.flickr.com/5281/5252244761_d4eccf5427_b.jpg
Credit: Arbor Networks blog:
- http://asert.arbornetworks.com/2010/12/the-internet-goes-to-war/
December 14, 2010

 Shocked Evil or Very Mad
« Last Edit: December 16, 2010, 03:26:31 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #2 on: February 02, 2011, 06:08:35 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8402



FYI...

100Gbit DDoS attacks ...
- http://www.computerworld.com/s/article/9207623/DDoS_attacks_made_worse_by_firewalls_report_finds
February 1, 2011 - "The rising tide of distributed denial of service attacks (DDoS) is being made much worse by a tendency to mis-deploy firewalls and intrusion prevention systems (IPS) in front of servers, a report by Arbor Networks has found. The company surveyed 111 global service providers across fixed and mobile sectors for its 2010 Infrastructure Security Report and uncovered a huge jump in DDoS attack size during the year. Maximum attack sizes reached 100Gbit/s for the first time, double that for 2009, and ten times the peak size seen as recently as 2005, increasingly in the form application attacks rather than simple packet flooding. Attack frequency also appears to be increasing, with 25 percent of respondents seeing 10 or more DDoS attacks per month, and 69 percent experiencing at least one. But according to Arbor, service providers and corporate could significantly reduce their DDoS vulnerability by designing their security infrastructure to better locate policy-based security devices such as firewalls. During 2010, nearly half of all respondents had experienced a failure of their firewall or IPS due to DDoS, something that could have been avoided in many cases using better router security configuration. "They [firewalls] should not be placed in front of servers. Folks do it because they have been programmed to do it," says Arbor's solutions architect, Roland Dobbins. In many cases, these devices became immediate bottlenecks in the face of DDoS, achieving the attackers' aims with ease. Firewalls and IPS were fine for LANs where they filtered outgoing traffic, but turned into obvious points of failure when used as a barrier to protect servers receiving large volumes of inbound packets, he says..."

- http://computer-forensics.sans.org/blog/2010/03/23/client-side-web-application-attacks/

Shocked Sad
« Last Edit: February 02, 2011, 09:35:07 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
 
Pages: [1]   Go Up
  Print  
 
Jump to:  

Powered by SMF 1.1.20 | SMF © 2013, Simple Machines Page created in 0.313 seconds with 19 queries.