site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Experiences with DDOS mitigation - Part I

view: topics flat text 
Post a:
Comments on news posted 2008-04-20 02:52:00: The last few weeks we have seen a number of distributed denial of service (ddos) aimed a dslreports.com. An attack would be from an hour to 48 hours. Over two weeks the attacker experimented with larger and different methods. nac. ..


Matt
All noise, no signal.
Premium
join:2003-07-20
Jamestown, NC
kudos:12

Good Writeup

Good info Justin. Can't wait for the 2nd article with technical specifics.

Also, did NAC really tell you to just "not piss people off"? Wow.
permalink · 2008-04-24 08:51:43 · Reply to this ·

justin
Australian
join:1999-05-28
New York, NY
kudos:7

Re: Good Writeup

No, they didn't tell me. Just an opinion they had on the best way to mitigate. I can see where they are coming from it sucks to have other customers knocked around.
permalink · 2008-04-24 11:22:23 · Reply to this ·

Calliope
Premium
join:2005-09-19
Madison, WI

Re: Good Writeup

Thank you for the article. Although I do not understand it in its entirety, it is certainly enlightening and answered a few questions for me.
permalink · 2008-04-24 15:38:29 · Reply to this ·

SND2005
Premium
join:2001-09-15
Im Over Here
Reviews:
·CWLab
said by justin:

No, they didn't tell me. Just an opinion they had on the best way to mitigate. I can see where they are coming from it sucks to have other customers knocked around.
Would it be possible to switch over to a "CAPTCHA" type mechanism to weed out real traffic during an attack? Possibly you could route requests from BOTs back to themselves, and route positive CAPTCHA replies to the real web or backup web address? Sorta a pseudo secret handshake?
permalink · 2008-04-24 23:02:31 · Print · Reply to this ·

justin
Australian
join:1999-05-28
New York, NY
kudos:7
Host:
IPv6
Business Connectiv..
Console/Handheld g..
Console Tech
Home/Office setup ..

Re: Good Writeup

That would be even harder than serving them a normal page upon request.

Some newer web servers have introduced a way of giving preference and priority to existing users (on the site before it got full up), or users with an encrypted token that they pick up when they login.
permalink · 2008-04-25 10:03:35 · Reply to this ·

La Luna
Survived Ashraful
Premium
join:2001-07-12
Warwick, NY
kudos:3

Thank you....

....for the informative and easy (mostly) to understand write up justin See Profile, much appreciated!
permalink · 2008-04-26 00:20:30 · Reply to this ·

jonnyz
Premium
join:2003-03-20
Canfield, OH

DShield

DShield loves logs like this and is a good security site in general.
--
Join the RC5 team.
permalink · 2008-04-26 22:12:34 · Reply to this ·

DaneJasper
Sonic.Net
Premium,VIP
join:2001-08-20
Santa Rosa, CA
kudos:7

Re: DShield

said by jonnyz:

DShield loves logs like this and is a good security site in general.
This was what I was going to suggest.

Most sites which are attacked don't have the means to log the sources. The resources required are large.

If you can though, DShield seems to provide a real good notification service. More and more ISPs are paying attention to credible sources, and assisting or walling off (until they disinfect) affected customers.

-Dane
permalink · 2008-05-15 18:31:49 · Print · Reply to this ·
Jman99

join:2007-04-24
Etobicoke, ON

Poirot mode

Is there any evidence that links Rogers or Bell to the hiring of the botnet?
permalink · 2008-04-28 01:18:04 · Reply to this ·
Forums > Experiences with DDOS mitigation - Part I

Sunday, 27-May 01:04:21 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.