Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

HTTP/3 (IETF QUIC) DDoS Attacks
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

HTTP/3 (IETF QUIC) DDoS Attacks

SplitIceSplitIce Member, Host Rep
edited May 2020 in General

Lots of trailblazers here.

Has anyone received anyone here serving HTTP/3 received DDoS attacks on their HTTP/3 service? If so would you mind sharing your experience (method, impact, etc)?

Feel free to reach out privately.

Comments

  • hzrhzr Member

    We get hit via UDP on the 'correct' alt-svc port all the time, but there's no noticeable L7 impact other than a normal garbage volumetric flood.

  • SplitIceSplitIce Member, Host Rep
    edited May 2020

    @hzr what server?

    Personally I'm just waiting for the first spoofed Client Hello packet flood. As far as I can see from the RFC and PCAPs it's going to be hell to protect from handshake resource exhaustion.

  • hzrhzr Member

    https://github.com/lucas-clemente/quic-go, but may migrate over to litespeed or the mozilla impl at some point, because I'm not a fan of go

    Thanked by 1SplitIce
  • LeviLevi Member

    hzr said: I'm not a fan of go

    Ouch. Care to share why?

Sign In or Register to comment.