Linked by Thom Holwerda on Thu 28th Mar 2013 00:36 UTC, submitted by MOS6510
Internet & Networking "The New York Times this morning published a story about the Spamhaus DDoS attack and how CloudFlare helped mitigate it and keep the site online. The Times calls the attack the largest known DDoS attack ever on the Internet. We wrote about the attack last week. At the time, it was a large attack, sending 85Gbps of traffic. Since then, the attack got much worse. Here are some of the technical details of what we've seen."
Permalink for comment 557014
To read all comments associated with this story, please click here.
RE[2]: Comment by marcp
by Soulbender on Fri 29th Mar 2013 03:35 UTC in reply to "RE: Comment by marcp"
Soulbender
Member since:
2005-08-18

but for all intents and purposes a malicious attack against "the internet" could be achieved the same way.


Sure, but there's no way to be anonymous when you do this.
As soon as other providers figured who was doing the blackhole routing your little take-over-the-internet plan is toast and trust me, it would not take them long to find you.
This is threat is also diminished by the fact that any serious peer will limit the prefixes they will accept from you, usually only accepting the prefixes you've been assigned

but it is a strong example of how the backbone internet is fundamentally built on *trust* in order to operate.


Only if by "trust* you mean contracts. You can't just establish a BGP peering with anyone, it requires you to establish a business relationship with those you peer with and unless you're a "Tier 1" player your peers will only accept the prefixes you've been assigned.

Reply Parent Score: 2