Comments
So what happens next? Is that only temporary? That's basically what they mean by null routing right? Cut off customers to protect the rest of the network but only for the duration of the attack right?
I ask in case it ever happens to me.
If you don't mind me asking, did you see any new patterns in the attack logs provided to you?
Something you haven't seen reported or happen to your networks before?
Seems hostsailor smashed him
Well, VAC4 is already online, OVH can tank more than 480Gbit.
http://travaux.ovh.net/?do=details&id=17994
Now is the time to get famous, LET providers. Go get Brian Krebs a new home and you can occasionally brag about dealing with 700gbps ddos attacks.
Tagging @matteob here cause he for sure is interested in the free marketing.
The attacks will stop when carriers start dropping ASs which launch the attacks, they will have incentives to disconnect the bots.
The way it works now is this:
1. Bot launches attacks.
2. Infected machine owner notices slow connection and machine, goes buy bigger pipe and newer machine paying a lot of money.
3. Provider upgrades capacity to face the new demands.
4. Carriers get a large cut and upgrade capacity.
5. DCs and other targets buy routers and other gear to scrub the attacks, and, you guessed it, more BW.
6. Some victims pay up so the attackers are not only collecting from angry kids kicked for cheating, but also from major players, big ransoms.
7. The bot operators operate mainly in impunity and make big money continuously investing into "R&D" to increase their capacity and sophistication.
So, bot operators make money, practically a whole industry, carriers and ISPs as well as hardware manufacturers make good money, only people who pay to maintain this scheme are victims and infected people.
Nope, I don't see anything being done to solve the problem until the internet will be shut down by Russia or China. By then, most people will be on p2p encrypted layer 8 or 9.
There is. It's called FlowSpecs. Allows for sending firewall-like ACL requests through BGP. Some tier 1s supported this, that's how some DDoS protection providers were working, they don't any more unfortunately.
Last I heard it was shittastic too, very problematic supposedly.
Francisco
Providers should collaborate and use ingress filtering together, it will be a good move against huge attacks like this.
https://en.wikipedia.org/wiki/Ingress_filtering
This isn't a spoofed flood. It's 100s of thousands of compromised DVRs, IP cameras, and things like that.
Francisco
I suppose not really designed to be used by external peers, but it works quite nice internally when you need to patch something small enough on all your routers at once.
Is there a published list of the compromised models somewhere?
On hackforums I'm sure. The current exploits I've heard so far are:
Supposedly both are fixed in newer firmwares but short of a vigilante going through and patching those exploits, it's a shit show.
Francisco
Thanks, Amazon. I was thinking about putting my cheap camera from China outside because who cares if the whole world watches the wind blow grass, right? But now... I'm not firewalling it off again, it was too much trouble last time (when I used it indoors).
Pretty sure they call that totalitarianism
It is relatively easy IF ISPs cooperate and are ready to drop infected people.
Say, one big attack happens, they can see where from the news or internal channels, then simply find out who sends those packets in their network and disconnect the sender. This way they will know they are infected, and, from the attack type, what is vulnerable or how the infection happened.
It will obviously NOT stop the attacks, but 100 GB+ attacks will not be so accessible anymore, also, the average joe will know what NOT to buy and IoT device manufacturers will have a good incentive to increase security, or, at least, to build SOME damned security in the first place...
Hey even communism has to work in one or two situations, right?
Burn the wit...DDOS attackers!
That is not the only totalitarianism, there is religious right wing nationalistic racist kind (not with all those characteristics necessarily present, but one usually suffices), the military dictatorship type, technocratic type, oligarchic type, like Mafia states, militaristico-industrialist type (which can mix with others to support them, usually, but has been seen "stand-alone" in the wild, a close example in South Korea some decades ago) even corporatist stand-alone cases, there can be mixes of those, too, so, yeah, communism or "socialist" dictatorship is one form of totalitarianism, but very far from being the only one.
Why the fuck does everything have to become political? When someone makes a joke, roll with it. Nobody cares about your political opinions unless people look up to you. No offense, but nobody here strikes me as someone I care to know politically. I've shared opinions before, but not every single time someone wants to talk. People learn not to like you that way. Calling @Maounique out.
K, leaving.
That's not really an argument.
Not my intention, but your decision.
I'm vegan.
WHAT DID YOU MAKE @MAO DO!!
Lmao
The kid who hacked some company and gave the info to the Islamic State just got 20 years.
http://abcnews.go.com/US/wireStory/foreign-hacker-aided-islamic-state-sentenced-us-42300022
It also has to do with media coverage, many of the big players don't know about ddos or care to report about it.
If the media post articles about the people that have been caught and what's happening to them then maybe there will be more public support.
DOS attacks, put in layman's terms, are simple. Gain access to an internet-connected device and send traffic to a target; in mass quantities this is effective.
As people have mentioned above, if providers worked together then we could stop this at the device layer, and thus reduce the flow of malicious traffic.
Like a spam filter or antivirus definition, an appliance can be used to identify malicious traffic and "share" that as a definition; other appliances receive the definition, check if it's coming out via their network and block the traffic.
I know it's not that simple, but 100% doable.
Deliberately providing intelligence to an enemy state is a VERY different thing to a DDoS.
I would have thought that obvious to any idiot.
oh yea the vDos guys, let's see - they probably end up in jail again anyway, haaretz probably has all dem infoz then. Weird they got out again but the cybercrime laws are... not so clear, especially if you avoid anything local and have some money (being white/jewish also helps, obviously). I expect them to get issues for the owed tax (at 500k or so income noted in the DB at least 200k if paid out to individuals/no infra costs) more likely than the actual business also considering the age.
Could be their friends at play now, just how it works - the retaliation as usual, might also be some more state like actor but the targets are rather weird then unless they are just side effects of another target that should not be detected.
Honestly I thought much the same - would have much more resemblance to Franco's dictatorship, a Nationalist Corporatist state than any so-called 'socialist' regime (of which there weren't actually any) - but it was a throwaway joke and honestly deeper analysis seemed redundant