Stories
Slash Boxes
Comments

SoylentNews is people

posted by Dopefish on Saturday February 15 2014, @08:00PM   Printer-friendly
from the when-the-going-gets-tough dept.

nobbis writes:

"The recent KrebsOnSecurity 200 Gbps DDoS Attack used NTP servers for amplification, a technique that is becoming increasingly common according to Symantec NTP Reflection Attacks and Arbor Networks NTP Attacks.

A similar 400Gbps attack reported by Cloudflare against one of its clients 400 Gbps Attack was intense enough to cause network congestion in Europe.

Brian Krebs believes however that some of the DDoS-for-hire services behind the recent attacks maybe using Cloudflare as a safe haven, a view repudiated by Matthew Prince, CEO of Cloudflare.

The attack against the KrebsOnSecurity site is thought to have been a demonstration of ability from a Hackforums.net user offering a DDoS-for-hire service."

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Funny) by Gaaark on Saturday February 15 2014, @08:08PM

    by Gaaark (41) on Saturday February 15 2014, @08:08PM (#171) Journal

    Really hope Mr. Krebs knows what he is doing security wise, 'cause with Spongebob and Squidward working for him..... :O

    --
    --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
  • (Score: 5, Funny) by combatserver on Saturday February 15 2014, @08:31PM

    by combatserver (38) on Saturday February 15 2014, @08:31PM (#173)
    They're just testing out their new system in preparation for the SoylentNews roll-out.
    --
    I hope I can change this later...
  • (Score: 5, Interesting) by combatserver on Saturday February 15 2014, @09:19PM

    by combatserver (38) on Saturday February 15 2014, @09:19PM (#180)

    Found an interesting take on the recent increases in DDoS attacks...obfuscation. It suggests the attackers are using the DDoS attacks as cover for other activities, and to drive up costs for targets--directly attacking the economic realities of their targets. Brutal.

    http://www.crn.com/news/security/300071742/cybercr iminals-using-ddos-as-smokescreen-experts-warn.htm [crn.com]

    --
    I hope I can change this later...
    • (Score: 2, Insightful) by paulej72 on Sunday February 16 2014, @04:52AM

      by paulej72 (58) on Sunday February 16 2014, @04:52AM (#203) Journal
      How about submitting this as an article?
      --
      Team Leader for SN Development
      • (Score: 1) by combatserver on Sunday February 16 2014, @09:09AM

        by combatserver (38) on Sunday February 16 2014, @09:09AM (#244)

        "How about submitting this as an article?"

        Good idea. Think I will. Thanks!

        --
        I hope I can change this later...
  • (Score: 5, Insightful) by AudioGuy on Saturday February 15 2014, @09:28PM

    by AudioGuy (24) on Saturday February 15 2014, @09:28PM (#181) Journal

    If the NSA were actually doing their JOB, instead of playing Peeping Tom, they have enough connectivity and processing power that they could probably trace back to all the zombies used for this purpose, and disable them.

    They COULD make DDOS attacks nearly impossible to sustain.

    That would require actual competence, though.

    • (Score: 2, Informative) by mrcoolbp on Sunday February 16 2014, @12:02AM

      by mrcoolbp (68) <mrcoolbp@soylentnews.org> on Sunday February 16 2014, @12:02AM (#183) Homepage
      Cool idea, is that feasable though? So many dynamic ips, the volume of requests involved, the speed at which they'd have to react etc. Surely you could start making dents, but of course as you say the resources they are are currently administering could more than cover it...
      --
      (Score:1^½, Radical)
      • (Score: 2) by janrinok on Sunday February 16 2014, @06:45PM

        by janrinok (52) Subscriber Badge on Sunday February 16 2014, @06:45PM (#284) Journal

        All that would be needed is for some arrests to be made. Once it is obvious that there is a price to pay for DDoS'ing a site it might reduce the frequency at which they occur. That would require intelligence to be collected - but isn't the NSA supposed to be able to do that?