Cloudflare, and the 120Gbps DDOS "that almost broke the Internet"

Wed Mar 27 21:46:05 UTC 2013

Wasn't there a ton of drama with the SpamHaus guys a year or so ago
regarding RBL's on NANOG?

On 3/27/13 2:54 PM, "Scott Weeks" <surfer at mauigateway.com> wrote:

>
>--- bill at herrin.us wrote:
>From: William Herrin <bill at herrin.us>
>
>According to the New York Times it was 300 gbps and Cyberbunker was the
>bad guy.
>http://www.nytimes.com/2013/03/27/technology/internet/online-dispute-becom
>es-internet-snarling-attack.html?pagewanted=all&_r=0
>-----------------------------------------
>
>Got a link that we don't have to allow cookies and have to create an
>account to read?
>------------------------------------------------------------
>
>
>I found it using startpage.com's proxy and pasted it below for
>others that don't want to create accounts and all:
>
>
>A squabble between a group fighting spam and a Dutch company that hosts
>Web sites said to be sending spam has escalated into one of the largest
>computer attacks on the Internet, causing widespread congestion and
>jamming crucial infrastructure around the world, John Markoff and Nicole
>Perlroth write on Wednesday in The New York Times.
>
>Millions of ordinary Internet users have experienced delays in services
>like Netflix or could not reach a particular Web site for a short time.
>However, for the Internet engineers who run the global network, the
>problem is more worrisome. The attacks are becoming increasingly
>powerful, and computer security experts worry that if they continue to
>escalate, people may not be able to reach basic Internet services, like
>e-mail and online banking.
>
>The dispute started when the spam-fighting group, called Spamhaus, added
>the Dutch company Cyberbunker to its blacklist, which is used by e-mail
>providers to weed out spam. Cyberbunker, named for its headquarters, a
>five-story former NATO bunker, offers hosting services to any Web site
>³except child porn and anything related to terrorism,² according to its
>Web site.
>
>A spokesman for Spamhaus, which is based in Europe, said the attacks
>began on March 19, but had not stopped the group from distributing its
>blacklist.
>
>Patrick Gilmore, chief architect at Akamai Networks, a digital content
>provider, said Spamhaus¹s role was to generate a list of Internet
>spammers. Of Cyberbunker, he added: ³These guys are just mad. To be
>frank, they got caught. They think they should be allowed to spam.²
>
>Mr. Gilmore said that the attacks, which are generated by swarms of
>computers called botnets, concentrate data streams that are larger than
>the Internet connections of entire countries. He likened the technique,
>which uses a long-known flaw in the Internet¹s basic plumbing, to using a
>machine gun to spray an entire crowd when the intent is to kill one
>person. The so-called distributed denial of service, or DDoS, attacks
>have reached previously unknown magnitudes, growing to a data stream of
>300 billion bits per second.
>
>Questioned about the attacks, Sven Olaf Kamphuis, an Internet activist
>who said he was a spokesman for the attackers, said in an online message
>that, ³We are aware that this is one of the largest DDoS attacks the
>world had publicly seen.² Mr. Kamphuis said Cyberbunker was retaliating
>against Spamhaus for ³abusing their influence.²
>
>
>scott