Epic #mustread on DDoS, re: Spamhaus/Cyberbunker and “bringing down the Internet” with DDoS

Extract from the posting:

First off I can confirm a few basic facts, namely that we really did receive a ~300 Gbps attack directed at Cloudflare, and later specifically targeted at pieces of our core infrastructure. This is definitely on the large end of the scale as far as DoS attacks go, but I wouldn’t call it “record smashing” or “game changing” in any special way. It’s just another large attack, maybe 10-15% larger than other similar ones we’ve seen in the past, and I’m certain we will continue to see even larger ones in the future as global traffic levels increase. What made this particular attack notable is where it was targeted, which greatly increased the number of people who noticed it.

In defense of the claims in other articles, there is a huge difference between “taking down the entire Internet” and “causing impact to notable portions of the Internet”. My company, most other large Internet carriers, and even the largest Internet exchange points, all deliver traffic at multi-terabits-per-second rates, so in the grand scheme of things 300 Gbps is certainly not going to destroy the Internet, wipe anybody off the map, or even show up as more than a blip on the charts of global traffic levels. That said, there is absolutely NO network on this planet who maintains 300 Gbps of active/lit but unused capacity to every point in their network. This would be incredibly expensive and wasteful, and most of us are trying to run for-profit commercial networks, so when 300 Gbps of NEW traffic suddenly shows up and all wants to go to ONE location, someone is going to have a bad day.

But, having a bad day on the Internet is nothing new. […]

The whole thing is worth reading, all of which is a response to this Gizmodo article and apparently re: one comment on it from someone looking for primary sources.

I hope the comment’s author feels he got his money’s worth.

tl;dr – breaking the internet is still really hard via DDoS.

2 Replies to “Epic #mustread on DDoS, re: Spamhaus/Cyberbunker and “bringing down the Internet” with DDoS”

  1. In addition to the widely reported DDoS attack, there’s an interesting report from greenhost.nl that someone had attempted BGP hijacking of a Spamhaus Blacklist DNS server by advertising a /32 which went to a DNS server (hosted at cyberbunker) that always returned a positive result.

  2. Very sensible writing, from Cloudflare. I’m not a customer of theirs, but note that they have some very interesting ideas; have a look at their cloud-based IPv4 to v6 gateway service.

Leave a Reply

Your email address will not be published. Required fields are marked *