PX Eliezer704
Premium Member
join:2008-08-09
Hutt River

1 edit

2 recommendations

PX Eliezer704 to a1computers


Re: CallCentric tech issues today?

said by a1computers:

This crappy attack could be accomplished by my 7 year old, I am not impressed by the attacker. At the end of the day a firewall log should have already shown which IP is sending expanded packets. Why CC has not simply blocked the IP or country or DHCP range is beyond me....

Respectfully, that remark does not demonstrate much familiarity with this area.

[I'm being polite, BTW].

A massive attack such as this can involve hundreds or thousands of IP addresses simultaneously, and those IP addresses will be constantly changing. And they will be from many countries at once.

I suggest that you learn a little about DDoS attacks, botnets, zombie armies (of the computer kind), and so forth.

Here is something from a whole year ago; things have gotten worse since then....

A week-long DDoS attack that launched a flood of traffic at an Asian e-commerce company in early November was the biggest such incident so far this year, according to Prolexic, a company that defends websites against such attacks.

The distributed denial-of-service attack consisted of four consecutive waves launched from multiple botnets between Nov. 5 and Nov. 12, 2011, Prolexic said.

It estimated that up to 250,000 computers infected with malware participated in the attack, many of them in China.

At the height of the attack, those computers made 15,000 connections per second to the target company's e-commerce platform, swamping it with up to 45Gbps of traffic, Prolexic said.

»www.computerworld.com/s/ ··· _company

Similarly:

Kaspersky released a report regarding the distributed denial of service (DDOS) attacks that targeted companies in the second half of 2011 and they provided some interesting figures obtained by their botnet monitoring systems.

The numbers reveal that the longest attack recorded in the second half of the past year targeted a travel company and lasted for 80 days, 19 hours, 13 minutes and 5 seconds, and the average duration of DDOS attacks was 9 hours and 29 minutes.

»news.softpedia.com/news/ ··· 88.shtml
a1computers
join:2012-10-06
Pasadena, CA

Member

Thanks for the update, but CC has managed to suppress the 2nd wave, meaning something has been able to be calculated. I am sure CC has a sophisticated hardware FW on which you could implement range bans and packet inspection. Attacks get better all the time, can't argue with that.
PX Eliezer704
Premium Member
join:2008-08-09
Hutt River

1 edit

2 recommendations

said by a1computers:

Thanks for the update, but CC has managed to suppress the 2nd wave, meaning something has been able to be calculated. I am sure CC has a sophisticated hardware FW on which you could implement range bans and packet inspection.

Not knowing further details on the first vs. second attacks, it is premature to speculate.

I'm sure that the CC engineers and the engineers for their hardware vendors know quite well what their hardware can and cannot do.

It's too bad that you were not there to help them, they would not have had such a sleepless few days and nights.

----------------------------------

Just think, with your unique knowledge you could put Arbor Networks, Verisign, Radware, and other DDoS mitigation companies out of business.

The point is that these companies exist for a reason. If it were as easy as you seem to feel, the DDoS problem would not be such a big deal.
a1computers
join:2012-10-06
Pasadena, CA

Member

I just had a 20 min phone call that was pin drop registered on CC
Babine
join:2012-10-06

Member

I'm green across the board since 8:25pm on the temp server
a1computers
join:2012-10-06
Pasadena, CA

Member

I think the settings have been pretty good all day; yesterday was choppy. But it looks like they may be getting somewhere.
Babine
join:2012-10-06

Member

Oh, I know they are doing the impossible, and I'm even more confident in their capabilities after this thing.
hszeto (banned)
join:2002-06-05

hszeto (banned) to PX Eliezer704

Member

At least twice in this very thread I saw that DDoS attacks come from computers infected with malware that participated in the attack, many of them in China. I just wonder why servers cannot temporarily block all connection attempts from China to mitigate the adverse effect.