40-Gbps DDoS Attacks Worry Even Tier-1 ISPs

sturgeon and other readers let us know that Arbor Networks has released their annual survey of tier-1 / tier-2 ISP security engineers. This year they got responses from 70 lead engineers. While DDoS attacks are reaching new heights of backbone-crushing traffic — 40 Gbps was seen this past year — the insiders are also worried about emerging threats to DNS and BGP. The summary notes that "Most believe that the DNS cache poisoning flaw disclosed earlier this year was poorly handled and increased the danger of the threat," but doesn't spell out what a better way of handling it might have been. All in all, the ISPs sound a bit pessimistic — one says "fewer resources, less management support, and increased workload." You can request the full PDF report here, but it will cost you contact information. In related news, an anonymous reader passes along a survey by Secure Computing of 199 international security experts and other "industry insiders" from utilities, oil and gas, financial services, government, telecommunications, transportation and other critical infrastructure industries. They are worried too.
  • Re:let it collapse (Score:2, Informative)

    by Spazztastic ( 814296 ) <spazztastic&gmail,com> on Tuesday November 11, 2008 @03:25PM (#25724519)

    nah we will just pay 700 billion to prop it up for a few months and let the next guy deal with it.

    I think realistically 700 billion could fix the internet in the entire US. It would make up for the 200 billion we lost a few years ago.* Not only that we could use it to help our friends to the north.

    * Article [webpronews.com], first one I found about it.

  • Key comments (Score:5, Informative)

    by Animats ( 122034 ) on Tuesday November 11, 2008 @03:32PM (#25724617) Homepage
    Useful quotes from the report:
    • "Large Web mail operators like Google don't give a sh-- -- about spam originating from their networks because they know they are too large to be blacklisted. This causes significant pain."
    • "Overall, law enforcement referrals dropped for the third year in a row." "We also asked respondents if they believe law enforcement has the power and/or means to act upon information provided by network operators. Only 21 percent said Yes, while nearly 64 percent said No".
    • "The attack stopped only because the attacker was paid. The attacker remains at large and active. No bots were used in this attack. The attacker had a small number of compromised Linux boxes from which he'd launch the spoofed source DNS query. The DNS servers were all DNS servers open to recursion."
  • by whydna ( 9312 ) <whydnaNO@SPAMhotmail.com> on Tuesday November 11, 2008 @03:40PM (#25724699)

    Back in the day (about a decade ago), you could "smurf" folks, which is a form of reflective amplification. The process was fairly simple: you'd ping a network's broadcast address with a packet spoofed to appear to come from your victim. At the time, most networks weren't filtering the broadcast traffic. As a result all the hosts on that network would respond to the ping. Back in the days of 14.4 modems, you could easily blow somebody offline while generating a very tiny volume of traffic.

    ---> ping (src: victim [spoofed], dest: broadcast address of large network)
    <=== large number of icmp responses (src: addresses in large network, dest: victim)

    I'd guess that the attack is similar in concept.
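
Added example, not part of any comment in this thread: both the smurf attack described above and the spoofed-source DNS query quoted from the report leave the same trace at the victim's border, namely replies from many sources that no inside host ever asked for. The sketch below flags that pattern; the flow-record layout, the function name, the threshold and the sample flows (documentation address ranges) are all constructed for illustration.

```python
from collections import defaultdict

# Constructed flow records as seen at the victim network's border, in time
# order: (src, dst, proto, kind). The spoofed requests never cross this
# border (the attacker sends them elsewhere), so only the replies show up.
FLOWS = (
    [("203.0.113.20", "192.0.2.1", "icmp", "request"),   # a genuine ping ...
     ("192.0.2.1", "203.0.113.20", "icmp", "reply")]     # ... and its answer
    # Smurf pattern: 40 hosts of one network answer a ping the victim never sent.
    + [(f"198.51.100.{h}", "203.0.113.10", "icmp", "reply") for h in range(1, 41)]
    + [("203.0.113.30", "192.0.2.53", "dns", "request"),  # a genuine lookup
       ("192.0.2.53", "203.0.113.30", "dns", "reply")]
    # DNS reflection pattern: resolvers answer queries the victim never made.
    + [(f"192.0.2.{h}", "203.0.113.30", "dns", "reply") for h in (60, 61, 62)]
)


def find_reflection_targets(flows, min_sources=3):
    """Return {(victim, proto): number of distinct unsolicited reply sources}.

    A reply counts as solicited only if the same inside host earlier sent a
    request to that exact peer over the same protocol.
    """
    asked = set()                     # (requester, responder, proto)
    unsolicited = defaultdict(set)    # (victim, proto) -> reply sources
    for src, dst, proto, kind in flows:
        if kind == "request":
            asked.add((src, dst, proto))
        elif (dst, src, proto) not in asked:
            unsolicited[(dst, proto)].add(src)
    return {key: len(srcs) for key, srcs in unsolicited.items()
            if len(srcs) >= min_sources}


if __name__ == "__main__":
    for (victim, proto), count in find_reflection_targets(FLOWS).items():
        print(f"{victim}: unsolicited {proto} replies from {count} sources")
```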

  • Re:let it collapse (Score:4, Informative)

    by Vancorps ( 746090 ) on Tuesday November 11, 2008 @04:16PM (#25725141)

    I do wonder how effective that would be, my grandfather was in the CCC and was involved in building the Hoover dam.

    Did this actually help with the depression?

    Also they lost more than $700b, that was just the amount they needed to stay solvent. Alan Greenspan's reaction was priceless saying that he'd expected banks to take reasonable risks and not commit suicide. It was in their own interests to self-regulate but surprise surprise, greed won out.

  • by sizzlinkitty ( 1199479 ) on Tuesday November 11, 2008 @04:22PM (#25725241)
  • Re:let it collapse (Score:5, Informative)

    by agrounds ( 227704 ) on Tuesday November 11, 2008 @04:54PM (#25725691)

    Give the electric companies 2 choices: Fix your own damn shit with your profits or we fix it and lease it back to you or nationalize you.

    Sure there are people that are going to bitch because they're used to their handout. But handouts aren't going to help anyone. Make everyone work.

    It's not perfect but it's a hell of a lot better than handing it over to a bunch of people who managed to already lose $700b.

    [0].M-F you live in work housing or you work 4 - 10s or 7 on 7 off.

    I hate to ruin your rant with what we call "facts", but the grid in the United States is not owned by private companies that you can just boss around from your ivory tower of uninformed tripe. It is an amalgamation of state-run and multi-state entities called ISOs (Independent System Operators) that both contract and coordinate with the transmission agencies in concert with privately-owned and state-owned generation assets to produce consistent and reliable power. A grid, in the strictest sense of the word, is a series of transmission lines, owned by multiple companies, that are interlinked and under the complete autonomy of the ISO. Nothing happens without the permission and direction of the ISO or FERC (and NERC as its enforcement arm). The grid is aging, but since the ultimate authority to direct replacement lies with both federal, state, and multi-state agencies, who precisely in your little world bears the fiscal burden?

    May I suggest for your education:
    http://www.ferc.gov/ [ferc.gov]
    http://www.nerc.com/ [nerc.com]

    And for ISOs:
    http://www.ercot.com/ [ercot.com]
    http://www.caiso.com/ [caiso.com]
    http://www.nyiso.com/public/index.jsp [nyiso.com]
    http://www.pjm.com/index.jsp [pjm.com]
    http://www.midwestiso.org/home [midwestiso.org]

    Find the one that serves your area, and berate them with your uninformed bile since you obviously understand all of this better than anyone else.

    Or do you?

  • Re:let it collapse (Score:4, Informative)

    by DrugCheese ( 266151 ) on Tuesday November 11, 2008 @05:34PM (#25726181)

    John Deere is in Moline, IA.

    Moline, IL

    across the river from IA

  • by whoever57 ( 658626 ) on Tuesday November 11, 2008 @05:38PM (#25726253) Journal

    Most Spam originates through incorrectly configured mail servers that allow mail relaying. In reality, it's much easier to leave an open relay on something like Sendmail on Unix than it probably is on Microsoft Exchange.

    Did we just jump back 5 (or more) years in time?

    You are joking, right? Open relays have been overshadowed by compromised desktop machines as spam sources for a few years now. Plus, since SMTP MTAs tend to be on static IPs, the use of RBLs has effectively limited the reach of open relays as sources for any kind of email (SPAM or otherwise).
