[Tier1 ISP]: Vulnerable to a new DDoS amplification attack

Jean | ddostest.me jean at ddostest.me
Wed Dec 21 16:05:53 UTC 2016


Hello all, I'm a first time poster here and hope to follow all rules.

I found a new way to amplify traffic that would generate really high 
volume of traffic.+10Tbps

** There is no need for spoofing ** so any device in the world could 
initiate a really big attack or be part of an attack.

We talk about an amplification factor x100+. This mean that a single 
computer with 1 Gbps outgoing bandwidth would generate a 100 Gbps DDoS. 
Imagine what a botnet could do?

The list of affected business is huge and I would like to privately 
disclose the details to the Tier1 ISP as they are highly vulnerable.

XO Comm
PSINET
Level 3
Qwest
Windstream Comm
Eearthlink
MCI Comm/Verizon Buss
Comcast Cable Comm
AT&T
Sprint

I know it's Christmas time and there is no rush in disclosing this but, 
it could be a nice opportunity to meditate and shed some lights on this 
new DDoS threat. We could start the real work in January.


If you are curious and you operate/manage one of the network mentioned 
above, please write to me at tornaddos at ddostest.me from your job email 
to confirm the identity. I will then forward you the DDoS details.

Best regards

Jean St-Laurent
ddostest.me
365 boul. Sir-Wilfrid-Laurier #202
Beloeil, QC J3G 4T2


More information about the NANOG mailing list