posted by martyb on Saturday January 29 2022, @12:55PM

Microsoft Azure customer hit by largest 3.47 Tbps DDoS attack:

A Microsoft Azure cloud computing customer in Asia was a victim of a massive 3.47 Tbps DDoS attack (distributed denial of service attack) in November 2021, the software and technology giant Microsoft revealed on January 25, 2022.

The DDoS attack lasted approximately 15 minutes and included a botnet of more than 10,000 compromised IoT (Internet of Things) devices from countries across the globe. These included Iran, India, China, Russia, Taiwan, Vietnam, Thailand, Indonesia, South Korea, and the United States.

Attack vectors were UDP reflection on port 80 using Simple Service Discovery Protocol (SSDP), Connection-less Lightweight Directory Access Protocol (CLDAP), Domain Name System (DNS), and Network Time Protocol (NTP) comprising one single peak.

Alethea Toh, Product Manager, Azure Networking

Microsoft's report further disclosed that there has been a surge in DDoS attacks, with the United States and India being prime targets. The company noted that Hong Kong has also become a popular hotspot for attackers; however, there has been a decrease in DDoS activity in Europe.

[...] A DDoS attack involves sending a huge amount of illegal traffic from compromised machines to the intended target and therefore disrupting them completely. The system can crash and lead to a massive loss of data, particularly, in the case of companies that host a significant amount of information regarding their clients and customers.
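Added example (not from the article or from Microsoft): reflected SSDP, CLDAP, DNS and NTP replies normally arrive from those services' well-known UDP source ports (1900, 389, 53, 123), so a defender can pick the vectors named above out of flow logs aimed at a web service port. The flow-record format, the documentation-range addresses and the function names are constructed for illustration.

```python
from collections import defaultdict

# Well-known UDP source ports of the reflector protocols named in the story.
REFLECTOR_PORTS = {1900: "SSDP", 389: "CLDAP", 53: "DNS", 123: "NTP"}

# Constructed sample flow records: "src_ip src_port dst_ip dst_port proto bytes"
SAMPLE_FLOWS = """\
198.51.100.7 1900 203.0.113.10 80 udp 3200
198.51.100.8 1900 203.0.113.10 80 udp 3100
192.0.2.44 123 203.0.113.10 80 udp 4680
192.0.2.45 389 203.0.113.10 80 udp 2900
192.0.2.46 53 203.0.113.10 80 udp 4000
192.0.2.90 51514 203.0.113.10 80 tcp 1200
192.0.2.91 53 203.0.113.10 33000 udp 120
not a flow record
"""

def parse_flow(line):
    """Return (src, sport, dst, dport, proto, nbytes), or None if malformed."""
    try:
        src, sport, dst, dport, proto, nbytes = line.split()
        return src, int(sport), dst, int(dport), proto.lower(), int(nbytes)
    except ValueError:  # wrong field count or a non-numeric port/byte value
        return None

def summarize_reflection(text, service_port=80):
    """Sum UDP bytes sent to service_port from known reflector source ports."""
    stats = defaultdict(lambda: {"bytes": 0, "reflectors": set()})
    for line in text.splitlines():
        flow = parse_flow(line)
        if flow is None:
            continue
        src, sport, dst, dport, proto, nbytes = flow
        if proto == "udp" and dport == service_port and sport in REFLECTOR_PORTS:
            entry = stats[(dst, REFLECTOR_PORTS[sport])]
            entry["bytes"] += nbytes
            entry["reflectors"].add(src)
    return {k: (v["bytes"], len(v["reflectors"])) for k, v in stats.items()}

def flag_targets(summary, min_vectors=2):
    """Targets receiving at least min_vectors distinct reflector protocols."""
    vectors = defaultdict(set)
    for (dst, proto) in summary:
        vectors[dst].add(proto)
    return {dst: sorted(p) for dst, p in vectors.items() if len(p) >= min_vectors}

if __name__ == "__main__":
    print(flag_targets(summarize_reflection(SAMPLE_FLOWS)))
```

The ordinary TCP request and the DNS reply to a client's ephemeral port are deliberately left out of the summary, since only UDP aimed at the service port from a reflector source port matches the pattern.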


  • (Score: 4, Insightful) by Username on Saturday January 29 2022, @02:04PM (8 children)

    by Username (4557) on Saturday January 29 2022, @02:04PM (#1216694)

    > illegal traffic

    There is no such thing. If sending a lot of packets is illegal, then spam should be illegal as well. Everyone driving to Lambeau Field for a Packer game should be illegal.

    > system can crash and lead to a massive loss of data

    If I send a packet to your server and it crashes, not my fault, you shouldn't be accepting packets. If I send you a letter, and your mailbox falls down, not my fault either. Get a better mailbox.

  • (Score: 2, Funny) by Anonymous Coward on Saturday January 29 2022, @02:44PM (2 children)

    by Anonymous Coward on Saturday January 29 2022, @02:44PM (#1216703)

    Please post your server IP so we can direct our ddos there. I'm sure you won't care, since you are immune?

    • (Score: 4, Funny) by Booga1 on Saturday January 29 2022, @03:31PM (1 child)

      by Booga1 (6333) on Saturday January 29 2022, @03:31PM (#1216710)

      My IP is 127.0.0.1. Come at me bro. Let's see what you've got!

      • (Score: 4, Funny) by Anonymous Coward on Saturday January 29 2022, @07:22PM

        by Anonymous Coward on Saturday January 29 2022, @07:22PM (#1216759)

        Hey! I have the same IP for my luggage journal!!

        Signed,
        Totally banned aristarchus

        (No, seriously, can't post from 127.0.0.1, either! )

  • (Score: 3, Touché) by EvilSS on Saturday January 29 2022, @08:22PM (1 child)

    by EvilSS (1456) Subscriber Badge on Saturday January 29 2022, @08:22PM (#1216769)
    OK, then put your ass where your mouth is, so to speak. Here is a google search of some DDOS IP stresser services. Go buy some time, point it at something (government website, corporate website, whatever), then, under your real name on social media, brag to the entity you pointed it at that you are the one doing it. If what you say is true, then you've done nothing illegal and no problem, right? So, how confident are you in what you are spouting? https://www.google.com/search?q=ip+stresser [google.com]
    • (Score: 2) by darkfeline on Sunday January 30 2022, @10:19AM

      by darkfeline (1030) on Sunday January 30 2022, @10:19AM (#1216923) Homepage

      Just because something is legal doesn't mean someone would be willing to do it to prove it is legal. Walking in a sketchy neighborhood at night is legal, but I wouldn't do it.

      --
      Join the SDF Public Access UNIX System today!
  • (Score: 2, Disagree) by PiMuNu on Saturday January 29 2022, @08:52PM

    by PiMuNu (3823) on Saturday January 29 2022, @08:52PM (#1216776)
  • (Score: 2) by VLM on Saturday January 29 2022, @10:32PM

    by VLM (445) on Saturday January 29 2022, @10:32PM (#1216800)

    > There is no such thing. If sending a lot of packets is illegal

    It's an "English language is shitty" problem, not a legal problem. Or it's illegal as in violating a protocol spec, not illegal as in jaywalking or smoking a joint.

    So this example isn't a UDP reflection attack, but the spirit of the attack is imagine I sent a packet to soylent news requesting the web page at sn.org/siaflnfbvawtfwtfwtfsdfasdhsgdfg.html and imagine SN is one of those places with the cute animated 404 error message page that takes up 50 megs of bandwidth because their 404 page has dancing animated toasters on it, and I falsify my source address as actually being you, and the SN server responds back to you (not me) with a 50 meg 404 error message page. For laughs I tried a URL at SN and it's a modestly large 404 page; but you can't do UDP reflection attacks on TCP port 80 anyway.

    The actual way you do a reflection attack using NTP is you send a packet to "some" ntp servers that (in a speculative sense) I'm using an authentication algo that's literally not even defined in the spec and their server flips their shit upon seeing such a weird authentication spec and sends an enormous 1000 byte response back along the lines of "WTF that auth protocol doesn't exist dumbass go away" although in computer language not English, and for the LOLz I put your address in as the source instead of my actual address.

    So (making this up for the Lolz, but in spirit I'm correct) my packet is illegal as in the ntp protocol specification says legal ntp packets all have one of the defined authentication schemes identified by a number 0 to 35 currently defined as of 2022 but I sent one identified with the number 36 manually set to some poor bastard, and their server flipped out and spammed you back an enormous error message because auth scheme #36 doesn't exist as of 2022. And my ntp ping was like 20 bytes and their error message was 2000 bytes so I amplified my attack on you by a factor of 100 by sending "illegal" packets to an innocent bystander.

    If you think about it using a shitty soylent news automobile analogy, it's like doing a DDOS on your postal mailbox by sending a shitton of fake screwed up magazine subscriptions to Car and Driver magazine and totally Fing up the subscription request except for including your postal address, so Car and Driver keeps sending you endless form letters along the lines of "OK dude, you should know that legal credit card numbers are not negative integers nor floats so please try to re-subscribe". So they're illegal in the sense of the credit card spec says legal credit card numbers are 16 digits or whatever, not negative forty two and a half or some nonsense like that.

  • (Score: 1) by Sabriel on Monday January 31 2022, @12:02PM

    by Sabriel (6522) on Monday January 31 2022, @12:02PM (#1217185)

    > There is no such thing. If sending a lot of packets is illegal, then spam should be illegal as well. Everyone driving to Lambeau Field for a Packer game should be illegal.

    Sending a lot of packets can be legal or illegal much like shooting a lot of bullets can be, it depends on the circumstances, but maybe you can explain why you plugging little Timmy full of holes weren't illegal to the judge better than I can. I don't think "coz he said he liked the packers" is gonna cut it.

    > If I send a packet to your server and it crashes, not my fault, you shouldn't be accepting packets. If I send you a letter, and your mailbox falls down, not my fault either. Get a better mailbox.

    Did you miss that that paragraph was providing a simpler explanation for less IT savvy folks, or did you just accidentally delete your empathy this morning? Whether one calls it a "crash" or describes it properly, for some weird reason I got a little hunch most systems wouldn't just no-sell a DDoS like that.