Krebs on Security booted off Akamai network after DDoS attack proves pricey

John R. Levine johnl at iecc.com
Sun Sep 25 21:01:55 UTC 2016


> https://www.internetsociety.org/sites/default/files/01_5.pdf
>
> The attack is triggered by a few spoofs somewhere in the world. It is not
> feasible to stop this.

That paper is about reflection attacks.  From what I've read, this was not 
a reflection attack.  The IoT devices are infected with botware which 
sends attack traffic directly.  Address spoofing is not particularly 
useful for controlling botnets.  For example, the Conficker botnet 
generated pseudo-random domain names where the bots looked for control 
traffic.

> Please see https://www.ietf.org/rfc/rfc6561.txt

Uh, yes, we're familiar with that.  We even know the people who wrote it. 
It could use an update for IoT since I get the impression that in many 
cases the only way for a nontechnical user to fix the infection is to 
throw the device away.

Regards,
John Levine, johnl at iecc.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly


