Krebs on Security booted off Akamai network after DDoS attack proves pricey
Sven-Haegar Koch
haegar at sdinet.de
Fri Sep 23 19:15:26 UTC 2016
On Fri, 23 Sep 2016, Mike wrote:
> On 09/23/2016 11:30 AM, Seth Mattinen wrote:
> > On 9/23/16 10:58, Grant Ridder wrote:
> > > Didn't realize Akamai kicked out or disabled customers
> > > http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
> > >
> > > "Security blog Krebs on Security has been taken offline by host Akamai
> > > Technologies following a DDoS attack which reached 665 Gbps in size."
> >
> >
> > So ultimately the DDoS was successful, just in a different way.
> >
> > ~Seth
> >
> >
> More technical information about the characteristics of these attacks would be
> very interesting such as the ultimate sources of the attack traffic
> (compromised home pc's?), the nature of the traffic (dns / ssdp
> amplification?), whether it was spoofed source (BCP38-adverse), and whether
> the recent takedown the vDOS was really complete or if it's likely someone
> else gained control of the C&C servers that controlled it's assets?
At least for the OVH case there is a bit of info:
https://twitter.com/olesovhcom/status/779297257199964160
"This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to send
>1.5Tbps DDoS. Type: tcp/ack, tcp/ack+psh, tcp/syn."
c'ya
sven-haegar
--
Three may keep a secret, if two of them are dead.
- Ben F.
More information about the NANOG
mailing list