On 09/15/16 13:49 +0300, Georgi Guninski wrote:
On Thu, Sep 15, 2016 at 12:25:56PM +0300, Cari Machet wrote:
https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html
lol, Russia and China. Did he miss the Norks?
Also where the resources and bandwidth come from, there is no mention of
it, especially botnets. Long ago someone claimed BGP amplification from
a single ISP can get large ddos factor, don't know if this scales
exponentially.
In the ISP space, certainly botnets, driven by gamers, almost exclusively -
in the enterprise and "critical infrastructure" space, driven by large
monetary and technical resources where botnet use is likely used for
obfuscation.
I've never encountered BGP amplification, which sounds like a waste of
time. In the ISP space, it's near all DNS and NTP.
A more interesting discussion would be non-DDOS based attacks that are only
briefly touched on in the article (DNS hijacking). The quite fragile voice
network - SIPs embarrassingly poor security use in trunking configurations,
BGP hijacking in the default free zone, and strategic attacks on provider
transport links come to mind.
--
Dan White
