The Tiger Effect and Internet DDoS 191
An anonymous reader writes "Many US and Canadian ISPs thought they were under a massive denial of service attack yesterday — traffic spiked by hundreds of gigabits across North America. Turns out that the traffic was due to live streaming of the U.S. Open and Tiger Woods nail-biting victory."
Re:Oops. (Score:5, Informative)
Re:Not Firefox? (Score:1, Informative)
Examine the traffic perhaps? (Score:3, Informative)
I'm not in favor of indiscriminate snooping, but as a security professional, this would be the first thing I would expect.
It was good quality video.. I watched. (Score:5, Informative)
I was surprised at how good the video looked. I have tried several other events in the past, and have always been disappointed, or completely unable to view it. Although, for the NCAA Final Four this year, I was finally able to actually watch a game after failing the last few years. I had to use Win2K within a VMware VM, but it did work.
The U.S. Open video worked directly from my Mac, had decent sized video, and was completely watchable on my laptop. Nice job USGA, NBC, etc.
Re:Wow! Could Thse ISPs be in Trouble!? (Score:5, Informative)
We have 500 users sharing a dual T1, all wanting to watch this. So why did business transactions begin failing? I wonder.
Yea, we saw this.
Since it was SSL we can't inspect it at the application layer for QoS. Since it's a huge number of IP ranges, that gets us too. We can't transparently proxy SSL so Squid can't help. It's a flash stream over https.
So we QoSed the end users on port 443 in this case. 300b/s seems about right.