GoDaddy : DDoS : : Contact

Roland Dobbins rdobbins at arbor.net
Mon Aug 3 14:00:15 UTC 2015


On 3 Aug 2015, at 20:35, Mel Beckman wrote:

> But SYN floods are easily detected and deflected by all modern 
> firewalls. If a handshake doesn’t complete within a certain time 
> interval, the SYN is discarded.

This is incorrect.  I've seen a 20gb/sec stateful firewall taken down by 
a 3mb/sec spoofed SYN-flood due to DDoS exhaustion.  I've seen a 
10gb/sec load-balancer taken down by 60s of 6kpps of HOIC:

<https://app.box.com/s/a3oqqlgwe15j8svojvzl>

> The majority I’ve seen, however, are TCP.

<https://en.wikipedia.org/wiki/Hasty_generalization>

> In any event, I think it’s not useful to misuse the term DDoS, and 
> that it refers to any attack where the source addresses are 
> distributed across the Internet, making them difficult to identify and 
> therefore block.

Again, that ship sailed long ago.

-----------------------------------
Roland Dobbins <rdobbins at arbor.net>


