Linked by Thom Holwerda on Thu 28th Mar 2013 00:36 UTC, submitted by MOS6510
Internet & Networking "The New York Times this morning published a story about the Spamhaus DDoS attack and how CloudFlare helped mitigate it and keep the site online. The Times calls the attack the largest known DDoS attack ever on the Internet. We wrote about the attack last week. At the time, it was a large attack, sending 85Gbps of traffic. Since then, the attack got much worse. Here are some of the technical details of what we've seen."
Permalink for comment 557010
To read all comments associated with this story, please click here.
Soulbender
Member since:
2005-08-18

that the 'net is full of routers that perform none of the sanity checks which would block such spoofed packets, regardless of what daemon we discover to be exploitable next week.


A) This should be done on the customer-facing equipment, not on border routers.
B) Most ISP's already do this. Really.
C) You don't need to spoof the source to make use of open DNS resolvers. That is the crux of the problem, that this attack is created by "valid" packets.

Reply Parent Score: 2