Linked by Thom Holwerda on Thu 28th Mar 2013 00:36 UTC, submitted by MOS6510
Internet & Networking "The New York Times this morning published a story about the Spamhaus DDoS attack and how CloudFlare helped mitigate it and keep the site online. The Times calls the attack the largest known DDoS attack ever on the Internet. We wrote about the attack last week. At the time, it was a large attack, sending 85Gbps of traffic. Since then, the attack got much worse. Here are some of the technical details of what we've seen."
Permalink for comment 556940
To read all comments associated with this story, please click here.
puidelup
Member since:
2013-03-19

It is a new vector in attack in that it's only really been exploited like this in recent years.


Well here you might be right.

This is a type of Reflected DDoS (http://en.wikipedia.org/wiki/Denial-of-service_attack#Reflected_.2F...), of which there are many. They were "all the rage" in the late 90ties (smurf attacks, DC attacks anyone?). If specifically DNS amplification attacks are something new, especially on this scale, I don't know. But they're just a variation of the same basic concept.

I've known about DNS amplification attacks for ~3 years, and by quickly googling around I found that in 2006-2007 they were considered new (http://www.theinquirer.net/inquirer/news/1015743/dns-amplification-..., http://securitytnt.com/dns-amplification-attack/). I really thought this was older ;)

so this may be relatively new, but it's yet another form of reflective DDOS

Reply Parent Score: 2