Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

2016-09-23 Thread Sven-Haegar Koch
On Fri, 23 Sep 2016, Mike wrote:

> On 09/23/2016 11:30 AM, Seth Mattinen wrote:
> > On 9/23/16 10:58, Grant Ridder wrote:
> > > Didn't realize Akamai kicked out or disabled customers
> > > http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
> > >  
> > > 
> > > "Security blog Krebs on Security has been taken offline by host Akamai
> > > Technologies following a DDoS attack which reached 665 Gbps in size."
> > 
> > 
> > So ultimately the DDoS was successful, just in a different way.
> > 
> > ~Seth
> > 
> > 
> More technical information about the characteristics of these attacks would be
> very interesting such as the ultimate sources of the attack traffic
> (compromised home PCs?), the nature of the traffic (dns / ssdp
> amplification?), whether it was spoofed source (BCP38-adverse), and whether
> the recent takedown of the vDOS was really complete or if it's likely someone
> else gained control of the C&C servers that controlled its assets?

At least for the OVH case there is a bit of info:

https://twitter.com/olesovhcom/status/779297257199964160

"This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to
send >1.5Tbps DDoS. Type: tcp/ack, tcp/ack+psh, tcp/syn."

c'ya
sven-haegar

-- 
Three may keep a secret, if two of them are dead.
- Ben F.


RE: GeoIP database issues and the real world consequences

2016-04-13 Thread Sven-Haegar Koch
On Wed, 13 Apr 2016, Nathan Anderson wrote:

> What I do get upset hearing about, though, is law enforcement 
> agencies using that kind of data in order to execute a warrant.  There 
> is nothing actionable there, and yet from the sounds of it, some LEAs 
> are getting search warrants or conducting raids on houses where they 
> believe they have a solid 1-to-1 mapping of IP address to physical 
> address.  Which is absolutely inexcusable.

Just watch any more or less recent CSI / crime TV show.

They have "an IP", enter it into some gizmo, and it spits out the 
address, mostly shown on a nice sat image.

That is so "normal" in TV that for Bully Policeman it just has to exist, 
and the reaction to a webform where you can enter an IP and get an 
address will just be "great, now I also have this" - no further 
thinking to be expected.

And finding a Judge signing off nearly any warrant put in front of them 
is also not new.

c'ya
sven-haegar

-- 
Three may keep a secret, if two of them are dead.
- Ben F.


Re: DNSSEC and ISPs faking DNS responses

2015-11-14 Thread Sven-Haegar Koch
On Sun, 15 Nov 2015, Roland Dobbins wrote:

> On 15 Nov 2015, at 2:25, John Levine wrote:
> 
> > They have point'n'click apps for all the usual platforms.
> 
> They are not defaults.
> 
> I think that many people on this list don't understand that the vast majority
> of users around the world do not know what a VPN is, do not know why they
> might need one, and aren't especially adept at installing applications, even
> from 'apps stores'.

Will everyone use VPN? For sure not.

But everyone that really wants to access something that he "should not" 
by local definition.

Like the kids in the neighbourhood - the first parents get an invoice 
("Abmahnung" in German) for an illegal download of something done by 
the kid, and watch how fast it goes around all of them that you can 
avoid such costs (and more important the trouble with the parents) by 
just installing this "app".

Technical details do not matter, a big enough incentive to do 
something about it matters.

c'ya
sven-haegar

-- 
Three may keep a secret, if two of them are dead.
- Ben F.


Re: How to wish you hadn't forced ipv6 adoption (was "How to force rapid ipv6 adoption")

2015-10-02 Thread Sven-Haegar Koch
On Fri, 2 Oct 2015, Mark Andrews wrote:

> > Likewise, sub-allocations can come into play, where a hoster is 
> > delegated a /48, but then subdivides it for various customers.
> 
> A hoster is a LIR.  It isn't the end customer.

I think you are wrong here for a lot of scenarios.

Today we have for example small web-agency gets /25 from datacenter 
hoster (LIR), puts two servers there, couple of VM, and then rents those 
VM to its 50 customers.

From the datacenter hoster point they would perhaps get one /48...

c'ya
sven-haegar

-- 
Three may keep a secret, if two of them are dead.
- Ben F.