Linked by Thom Holwerda on Thu 28th Mar 2013 00:36 UTC, submitted by MOS6510
Internet & Networking "The New York Times this morning published a story about the Spamhaus DDoS attack and how CloudFlare helped mitigate it and keep the site online. The Times calls the attack the largest known DDoS attack ever on the Internet. We wrote about the attack last week. At the time, it was a large attack, sending 85Gbps of traffic. Since then, the attack got much worse. Here are some of the technical details of what we've seen."
Soulbender
Member since: 2005-08-18

It doesn't seem like source interface filtering is a great solution to me because on the internet there's technically no requirement that packets come in from the same interface they'll return out of


Source filtering makes sure that only packets with a valid source come in on an interface. Valid source means it's an IP address that has a route via that interface. This is an incredibly simple yet effective way to reduce spoofing on customer-facing equipment and is, as I've said previously, already done by most ISPs.

It's a DNS problem, so I feel that a DNS fix should be used instead of modifying our routers.


While DNS has problems, this is not one of them. This is simply a problem of misconfigured DNS servers and the only effective way to stop this from happening is by not screwing up the configuration.

My understanding is that many commercial routers achieve their performance in hardware and become underpowered if too many packets get tossed around into the software stack.


Thankfully not everyone uses underpowered Cisco gear ;)

Reply Parent Score: 2
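
The source-interface check discussed in the comment above, as an added example that is not part of the original thread: a packet is accepted only if the longest-prefix route back to its source address points out the interface it arrived on. The routing table, interface names and packets are constructed for illustration (documentation address ranges); the last packet shows the asymmetric-path case raised in the quoted objection.

```python
import ipaddress

# Constructed routing table for a hypothetical edge router: (prefix, interface).
ROUTES = [
    ("0.0.0.0/0", "uplink0"),
    ("198.51.100.0/24", "cust1"),
    ("203.0.113.0/25", "cust2"),
    ("203.0.113.128/25", "cust3"),
]
TABLE = [(ipaddress.ip_network(prefix), ifc) for prefix, ifc in ROUTES]


def best_route(addr):
    """Longest-prefix match: interface the router would use to reach addr."""
    ip = ipaddress.ip_address(addr)
    matches = [(net.prefixlen, ifc) for net, ifc in TABLE if ip in net]
    return max(matches, key=lambda m: m[0])[1] if matches else None


def source_filter(src, in_ifc):
    """Accept only if the route back to src leaves via the arrival interface."""
    return best_route(src) == in_ifc


def classify(packets):
    """Return 'accept' or 'drop' for each (source address, arrival interface)."""
    return ["accept" if source_filter(s, i) else "drop" for s, i in packets]


# Constructed sample traffic.
PACKETS = [
    ("198.51.100.7", "cust1"),    # customer sending from its own prefix
    ("192.0.2.53", "cust1"),      # source is not routed via cust1: spoofed
    ("203.0.113.200", "cust2"),   # cust3's address showing up on cust2
    ("192.0.2.53", "uplink0"),    # ordinary Internet source on the uplink
    ("198.51.100.7", "uplink0"),  # customer prefix arriving via the uplink
]

if __name__ == "__main__":
    for (src, ifc), verdict in zip(PACKETS, classify(PACKETS)):
        print(f"{src:15} on {ifc:8} -> {verdict}")
```

The final packet is dropped even though it could be legitimate traffic taking an asymmetric path, which is why this check fits single-homed customer-facing interfaces rather than transit links.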