Did the Spamhaus DDoS Really Slow Down Global Internet Access? 70
CowboyRobot writes "Despite the headlines, the big denial of service attack may not have slowed the Internet after all. The argument against the original claim include the fact that reports of Internet users seeing slowdowns came not from service providers, but the DDoS mitigation service CloudFlare, which signed up Spamhaus as a customer last week. Also, multiple service providers and Internet watchers have now publicly stated that while the DDoS attacks against Spamhaus could theoretically have led to slowdowns, they've seen no evidence that this occurred for general Internet users. And while some users may have noticed a slowdown, the undersea cable cuts discovered by Egyptian sailors had more of an impact than the DDoS."
Re:reporting (Score:5, Informative)
Now Spamhaus can get CloudFlare to handle these attacks on their behalf (for a lot of free advertising) but MyLittleSite.com cannot, and that leave them open to extortion attacks from the criminals who run these DDoSs.
Why not? CloudFlare has a free tier specifically designed for smaller sites. It's mostly used by bloggers and stuff to cache static content than for DDOS protection, but it offers the same level of functionality. The paid service they offer has extra features like SSL support and other options, but all levels of the service offer DDOS protection.
Re:reporting (Score:5, Informative)
Yep, your solution is worse than the DDoS itself, because it only requires a few requests to take a server offline, not a massively sustained attack.
Can you explain to me how to progmatically tell the difference between your "spoof" shutdown request and a real one? If you can't do that, then you could effectively DDoS an entire ISP when all of their customers have their connections shut down, and they can't get through to support lines because everyone else is phoning up to get their line re-enabled, etc..