ddos attack blog

• Previous message (by thread): ddos attack blog
• Next message (by thread): ddos attack blog
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 02/13/2014 10:06 AM, Cb B wrote:
> Good write up, includes name and shame for AT&T Wireless, IIJ, OVH,
> DTAG and others
>
> http://blog.cloudflare.com/technical-details-behind-a-400gbps-ntp-amplification-ddos-attack
>
> Standard plug for http://openntpproject.org/ and
> http://openresolverproject.org/ and bcp38 , please fix/help.
>
> For those of you paying attention to the outage list, this is a pretty
> big deal that has had daily ramification for some very big networks
> https://puck.nether.net/pipermail/outages/2014-February/date.html
>
> In general, i think UDP is doomed to be blocked and rate limited --
> tragedy of the commons.  But, it would be nice if folks would just fix
> the root of the issue so the rest of us don't have go there...

UDP won't be blocked. There are some vendors that have their own hidden 
protocol inside UDP packets to control and communicate with their devices.

Thinking on it again, maybe blocking UDP isn't all that bad. Would force 
the vendors to not 'hide' their protocol.

--John

>
> Regards,
>
> CB
>

• Previous message (by thread): ddos attack blog
• Next message (by thread): ddos attack blog
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]