
Ichingcarpenter

(36,988 posts)
Tue Feb 11, 2014, 05:48 AM Feb 2014

World's largest DDoS strikes US, Europe

Source: iTnews Australia

A content delivery network provider has today been hit by what appears to be the world's largest denial of service attack, in an assault that exploits an emerging and frightening threat vector.

The Network Time Protocol (NTP) Reflection attack exploits a timing mechanism that underpins a way the internet works to greatly amplify the power of what would otherwise be a small and ineffective assault.

US-based DDoS protection outfit CloudFlare was hit with the attacks after an unnamed customer was targeted.

It is unclear how many websites and users were affected, although at least one French networking host reported a 350Gbps DDoS attack during the assault.

CloudFlare chief executive Matthew Prince said the attack tipped 400Gbps, 100Gbps larger than the previous record DDoS attack which used DNS reflective amplification.



Read more: http://www.itnews.com.au/News/372033,worlds-largest-ddos-strikes-us-europe.aspx


lapfog_1

(29,191 posts)
1. NIST is reporting this DDoS attack as well
Tue Feb 11, 2014, 06:28 AM
Feb 2014

of course, anyone really serious about time accuracy uses something like this

http://www.ebay.com/itm/Symmetricom-Datum-TS2100-GPS-Tymserve-NTP-Time-Server-/161219112385?pt=COMP_EN_Servers&hash=item2589686dc1

a standalone time generator that uses multiple non-internet sources of time synch (radio broadcast, GPS signals, your own atomic clock)

bananas

(27,509 posts)
8. "This unit powers up but has not been tested in depth."
Tue Feb 11, 2014, 11:00 AM
Feb 2014

Right, anyone really serious about time accuracy is going to jump on that!

lapfog_1

(29,191 posts)
9. "like this"
Tue Feb 11, 2014, 01:53 PM
Feb 2014

not this exact unit, but a new one like this.

Just pointing out that a local time server isn't really that expensive anymore and the source of the time signal (for most applications) is not something that can be DDoS'ed (at least by those doing traditional Internet based jamming technology).

Renew Deal

(81,845 posts)
4. How do they know it's the "largest" if they don't know how many "websites and users were affected"?
Tue Feb 11, 2014, 10:06 AM
Feb 2014

The answer is they don't. It's hyperbole

 

cosmicone

(11,014 posts)
5. It is in the article
Tue Feb 11, 2014, 10:33 AM
Feb 2014

It shows how much bandwidth was consumed by the attacks and this attack consumed the most bandwidth as compared to any previous attacks.

bananas

(27,509 posts)
7. The OpenNTPProject can help administrators determine if their servers are vulnerable.
Tue Feb 11, 2014, 10:56 AM
Feb 2014
http://openntpproject.org/

If you are a member of the general public:

How can I check my server? - run the command ntpdc -n -c monlist - If you see a response, your server may be used in attacks.

How can I fix my server, router or other device? You should upgrade to NTP-4.2.7p26 or later. You can add disable monitor to your ntp.conf and restart your NTP process if on an earlier version. Also check out the Team Cymru Secure NTP Template - Also see NTP Bug #1532

The server should also not respond to loopinfo or iostats requests as well

We are sending one packet to every IP to test if it generates a NTP MONLIST MODE 7 response

If you are a member of the security community:

You can contact the ntp-scan /at/ puck.nether.net to obtain the raw data. It is available for re-use in your reporting.
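
An offline audit of the fix quoted in the post above, as an added example that is not part of the original post or the OpenNTPProject's own code: given an ntpd version string and the text of ntp.conf, it reports whether the host is on NTP-4.2.7p26 or later, carries the `disable monitor` workaround, or has neither. The function names and sample configs are constructed for illustration.

```python
import re

# NTP-4.2.7p26: the release the quoted advice says to upgrade to.
FIXED = (4, 2, 7, 26)

def parse_version(text):
    """Turn '4.2.6p5' or 'ntpd 4.2.6p5@1.2349-o' into a comparable tuple."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?", text)
    if not m:
        raise ValueError(f"no NTP version found in {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def monitor_enabled(conf_text):
    """Replay enable/disable lines in order; the last one naming 'monitor' wins."""
    enabled = True  # ntpd runs its monitoring facility unless told otherwise
    for raw in conf_text.splitlines():
        tokens = raw.split("#", 1)[0].split()  # drop trailing comments
        if tokens[:1] in (["enable"], ["disable"]) and "monitor" in tokens[1:]:
            enabled = tokens[0] == "enable"
    return enabled

def monlist_status(version_text, conf_text):
    """Classify a host from data collected locally (no network traffic)."""
    if parse_version(version_text) >= FIXED:
        return "fixed-version"
    if not monitor_enabled(conf_text):
        return "mitigated"      # older ntpd, workaround present
    return "exposed"            # older ntpd, monitoring still on

# Constructed sample configs, not taken from any real host.
STOCK_CONF = """\
driftfile /var/lib/ntp/drift
server 0.pool.ntp.org iburst
# disable monitor
"""
PATCHED_CONF = STOCK_CONF + "disable monitor\n"

if __name__ == "__main__":
    for ver, conf in [("4.2.6p5", STOCK_CONF), ("4.2.6p5", PATCHED_CONF),
                      ("4.2.7p26", STOCK_CONF)]:
        print(ver, monlist_status(ver, conf))
```

A commented-out `# disable monitor` line, as in the stock sample, does not count as the workaround, which is the case a quick grep of the file would misreport.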

