
SoylentNews is people

posted by martyb on Thursday September 29 2016, @08:19AM
from the all-together-now dept.

I found the following story which explains the nature of the DDoS threat facing us all. In the past, the main culprits of DDoS attacks were compromised computers, which partially resulted in the multi-million dollar business of antivirus programs and similar software. Nowadays, the source is more likely to be a compromised CCTV camera, DVR, or some other device on the IoT.

Last week, the hosting provider OVH faced a 1Tbps DDoS attack, likely the largest one ever seen.

The OVH founder and CTO Octave Klaba reported the 1Tbps DDoS attack on Twitter, sharing an image that lists the multiple sources of the attack.

Klaba explained that the servers of his company were hit by multiple attacks exceeding 100 Gbps simultaneously, together amounting to a 1 Tbps DDoS attack. One of the attacks documented by OVH reached 93 MMps and 799 Gbps.

Klaba has now added further information on the powerful DDoS attacks: the CTO of OVH claimed that the botnet used by attackers is powered by more than 150,000 Internet of Things (IoT) devices, including cameras and DVRs.

"This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to send >1.5Tbps DDoS. Type: tcp/ack, tcp/ack+psh, tcp/syn." — Octave Klaba / Oles (@olesovhcom) 23 September 2016

The bad news for the OVH company is that attacks are still ongoing and the size of the botnet is increasing.


  • (Score: 2) by Farkus888 on Thursday September 29 2016, @10:36AM


    Network is right in my job title and I don't want to do any of that for my home network. Right now I periodically check outbound traffic when the network is idle; thankfully they aren't doing amplification much any more. An IDS could automate that and notify me, but then I have to configure and manage an IDS. Realistically, since I use a home grade router, that means adding a computer physically in line and potentially adding lag to my games.
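
The periodic idle-time outbound check described in the comment above, automated as an added example (not part of the original thread or any poster's code). The flow-summary format, the 192.168.1.0/24 LAN, all addresses and both thresholds are assumptions made for illustration.

```python
import ipaddress
from collections import Counter, defaultdict

# Constructed flow summaries for one 60 s idle window: "src dst tcp_flags packets bytes".
# The record layout and every address below are made up for this example.
SAMPLE = """\
192.168.1.20 203.0.113.7 ACK 90000 54000000
192.168.1.20 203.0.113.7 SYN 30000 1800000
203.0.113.7 192.168.1.20 RST 40 2400
192.168.1.30 198.51.100.9 ACK+PSH 120 90000
198.51.100.9 192.168.1.30 ACK+PSH 110 400000
192.168.1.30 192.168.1.1 ACK 50 3000
garbage line
"""

# limit_bps defaults to 1 Mbps, the low end of the per-device rate in the quoted tweet.
# one_sided (outbound packets per reply packet) is an assumed heuristic, not a standard.
def idle_outbound_report(text, lan="192.168.1.0/24", window_s=60,
                         limit_bps=1_000_000, one_sided=10):
    """Per LAN device: outbound rate to the Internet and whether it looks like a flood."""
    net = ipaddress.ip_network(lan)
    out_bytes, in_pkts = Counter(), Counter()
    out_flags = defaultdict(Counter)
    for line in text.splitlines():
        try:
            src, dst, flags, pkts, nbytes = line.split()
            s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            pkts, nbytes = int(pkts), int(nbytes)
        except ValueError:
            continue  # malformed record: skip it rather than abort the whole check
        if s in net and d not in net:      # device -> Internet
            out_bytes[src] += nbytes
            out_flags[src][flags] += pkts
        elif d in net and s not in net:    # Internet -> device (replies)
            in_pkts[dst] += pkts
    report = {}
    for dev, nbytes in out_bytes.items():
        bps = nbytes * 8 / window_s
        sent = sum(out_flags[dev].values())
        report[dev] = {
            "bps": bps,
            "flags": dict(out_flags[dev]),
            # Idle network, sustained rate, almost no replies: worth a notification.
            "suspect": bps >= limit_bps and sent > one_sided * max(in_pkts[dev], 1),
        }
    return report
```

Ordinary traffic also consists of ACK and ACK+PSH packets, so the flag counts are reported for context only; the decision rests on the idle-time rate and the lack of replies.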

  • (Score: -1, Flamebait) by Anonymous Coward on Thursday September 29 2016, @10:45AM


    potentially adding lag to my games.

    Good news, gamer! Masturbation Simulator isn't affected by latency because it only uses the network to upload your high scores.

  • (Score: 3, Interesting) by zocalo on Thursday September 29 2016, @12:58PM

    I don't *want* to do it either, but I think the sad state of privacy and security affairs makes it necessary to try, and it wasn't too hard in my case as I have a decent router & AP setup that does all the necessary bits - VPN termination, multiple VLANs & SSIDs, firewalling and wireless device isolation - out of the box via a fairly intuitive GUI; setting up the networks took about 5 minutes, and probably about the same again for the firewall rules. Also, while the devices are trying to talk to the Internet (AFAICT it's all legit stuff like checking for updates and so on), they actually don't *need* to, which also simplifies things considerably. I think it's like the 80:20 rule again; aiming for 100% security in a home router based solution is going to result in a confusing mess that won't hit the target anyway, but if you can implement, trivialise and/or default the configuration of the 20% of features that solve 80% of the problems, then you've already made a huge difference.
    --
    UNIX? They're not even circumcised! Savages!
  • (Score: 3, Informative) by Scruffy Beard 2 on Thursday September 29 2016, @06:21PM


    If you are putting a computer in the line anyway, use it as the router: it will probably be faster than whatever CPU your router uses.

    Of course, there is still technically some more latency if you disable DHCP and use the router as a switch. However, I suspect the extra routing speed of your computer will make up for it.