Krebs on Security booted off Akamai network after DDoS attack proves pricey
morrowc.lists at gmail.com
Sat Sep 24 01:58:42 UTC 2016
On Fri, Sep 23, 2016 at 9:24 PM, Jon Lewis <jlewis at lewis.org> wrote:
> On Fri, 23 Sep 2016, Patrick W. Gilmore wrote:
> Is CloudFlare able to filter Layer 7 these days? I was under the
>> impression CloudFlare was not able to do that.
>> There have been a lot of rumors about this attack. Some say reflection,
>> others say Layer 7, others say .. other stuff. If it is Layer 7, how are
>> you going to ÿÿstep in front of the cannonÿÿ? Would you just pass through
>> all the traffic?
> Anycast + load balancers + high powered varnish?
notionally (because I have been paying zero attention to this) jon's
1) setup a crapload of nginx/squid/etc configured tightly for things to
be accessed behind them
2) ecmp to them across several layers (assume 32 ecmp at each layer, call
it 4 layers get craploads of machines running)
3) change over the dns
eh? If you can eat the PPS, you can spray across enough tcp listeners, you
can weed out the chaff and start filtering in the 'application'... perhaps
also run a 'low bandwidth' version of the target site...
hey look, we invented prolexic.
More information about the NANOG