Just a Blip? Keynote expert Aaron Rudger said, "The numbers don't lie—and that's a fact." Referencing a graph of performance over the past four weeks, he noted that "the European agents report back pretty consistent and normal performance throughout ... the DDoS event. However, there is a little blip that shows up." "We do see," said Rudger, "that the European agents were experiencing slower response times—up to 40% slower than average—between 8:30am and 2:30pm (PST) on March 26. It is possible that the Spamhaus attack could be related to this slowdown but we can't be sure." Rudger noted that thousands of people streaming the big soccer match that occurred at the same time could account for the slowdown." He rejects the claim that the attack caused days of disruption, saying, "We simply do not see [that] from our data." Just Hype? Biddle's article displays graphs from independent sources (similar to Keynote) showing no spikes in traffic or dips in response time. A report from Amazon on Netflix's hosting showed zero outages during the week. A spokesperson for NTT, "one of the backbone operators of the Internet," stated that while a 300 Gbps attack is massive, most regions have capacities in the Tbps range, concluding "I side with you questioning if it shook the global internet." Biddle concludes that CloudFlare was "trying to scare the internet's residents thinking they're the residents of Dresden in order to drum up business." "If your product is worth a damn," said Biddle, "you shouldn't have to lie to the internet to sell it." Strong words indeed. Shedding Light on the Problem As for the reported slowdown, Wosotowsky confirmed that McAfee found some websites "significantly affected." He noted that due to the size of the attack it could well affect "tangential services that are at some point in their path using the same bandwidth." "The fact that a colossal freak-out is not warranted," said Wosotowsky, "doesn't reduce the importance of the analysis... From the perspective of rooting out safe-havens for malware authors and botmasters the story is indeed worthy." Money and Power Why this increase? The team noted two major (and sometimes overlapping) motivations. "Cybercriminals conduct DDoS attacks to disrupt corporations in an effort to extort money from them," said the team. They may also "[use] DDoS attacks as a weapon to disrupt organizations or companies in pursuit of their own ideological, political or personal interests." Either way, massive DDoS attacks like this can disrupt service for more than just the attack's target. Pay Attention! The Open DNS Resolver Project lists over 25 million servers that their tests show "pose a significant threat." IT guys, pay attention! Are your company's DNS servers on that list? Do a little research and secure them against attacks like IP address spoofing. We'll all thank you. ![]() via Technology - Google News http://news.google.com/news/url?sa=t&fd=R&usg=AFQjCNF-Clck-y75goEL8LOHXoKLWFAjaA&url=http://securitywatch.pcmag.com/spam/309788-internet-apocalypse-now-experts-say-no | |||
| |||
| |||
|
Thursday, 28 March 2013
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment