A Third of the Internet Experienced DoS Attacks in the Last Two Years

Long-time Slashdot reader doom writes: Over a two year period, a third of the IPv4 address space have experienced some sort of DoS attack, though the researchers who've ascertained this suspect this is an underestimate. This is from a story at Science Daily reporting on a study recently presented in London at the Internet Measurement Conference.

"As might be expected, more than a quarter of the targeted addresses in the study came in the United States, the nation with the most internet addresses in the world. Japan, with the third most internet addresses, ranks anywhere from 14th to 25th for the number of DoS attacks, indicating a relatively safe nation for DoS attacks..."

The study itself states, "On average, on a single day, about 3% of all Web sites were involved in attacks (i.e., by being hosted on targeted IP addresses)."
"Put another way," said the report's principal investigator, "during this recent two-year period under study, the internet was targeted by nearly 30,000 attacks per day."

Am I safe?

[110010001000]

I installed Win95 on my DOS system. Am I safe?

Re:Am I safe?

[jez9999]

Yes. There's no way it could connect to the internet.

Re:

[puddingebola]

NO! And you're getting sued. Upgrade to Windows 10 immediately. The undead zombie lawsuit wants more BRAINS! Or legal fees, whichever.

Re:

[Ol Olsoc]

All of this is possible

Has there ever been a +5 Flamebait?

Re:

[Mike Sheen]

Acutally, the handful of times I've traced back attacking IP's during a significant DDoS attack (3+Gb/s) I found the attacking IP's to be web servers from small to medium businesses running the LAMP stack. The most common was a php file was uploaded to the server and simply executed via the web server due to misconfiguration. Not surprisingly contacting the owners of the compromised servers never yielded any response - but one I did contact I saw that about a week later the offending php file was gone as a

So,, what's the fix?

[doom]

What I'd actually like to hear about are alternate designs that could be used to create a net without vulnerability to denial-of-service.

Re:

[jez9999]

The fundamental problem is DDoS with thousands of bots, is it not? In which case the fix is to get rid of all the insecure devices. Either refuse all traffic from them somehow or maybe have an opt-in internetwork where you're booted off if you're found to have an insecure device, having to earn your way back in.

Re:

[110010001000]

Yep. That is the next step. Only "approved" devices can connect (iOS, Windows 10, etc). Be careful what you wish for.

Re:

[dog77]

Quickly drop packets that don't have a correct cryptographic signature necessary to talk with a site. Make it a slow process requiring some human intervention to get a temporary cryptographic signature necessary to send a packet to a site. This way, the denial of service attack would be limited by the speed of the human. There would still be the problem of the site that gives out the cryptographic signature, but that function could be spread out and optimized making it impractical to attack.

Re: So,, what's the fix?

[Casey Annis]

That isn't entirely true, there are a few carrier grade solutions that providers can deploy within thier transport structure to mitigate DDoS attacks. These systems do not rely on "your" firewall, mostly human intelligence and the occasional premises monitor NVF. Arbor Networks comes to mind. The ISP installs scrubbers at their ENNI interfaces and at key transport interconnects. The scrubbers reroute customer traffic, clean it and then hairpin the traffic back out of the scrubbers and deliver it to the

Character Set Limited?

[John.Banister]

I wonder, what is the ratio of per capita DoS attacks between sites that use the ASCII character set for their URL and sites that use other character sets for the URL? Is there a preference for victims using ASCII for the URL that's stronger than preferences based on the geographic location of the site owner?

Or maybe browsers suck

[RogueWarrior65]

I mean, jeez, Mozilla, why is Firefox so friggin' SLOW?

Experienced DoS attack last night

[Zubinix]

Here in Oz, last evening it was obvious the Internet was slowing down drastically, oh wait I'm on the NBN....

News flash

[buss_error]

My home modem is subjected to 50 meg ddos attacks every day. I think the "1/3'd" cited is pretty much a low ball. My web servers see 1 gig attacks just about every day, and my mail servers see at least 1 million emails per day rejected based on nothing more than it's RIR space. We won't even discuss what is going on with port 22 since I do not allow password PAM and require a key. If you are in APNIC, LATNIC, BRNIC, and much of RIPE space, sorry. It's firewalled completely for all ports. (Except for the UK