Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Networking Botnet Security

200-400 Gbps DDoS Attacks Are Now Normal 92

An anonymous reader writes "Brian Krebs has a followup to this week's 400 Gbps DDoS attack using NTP amplification. Krebs, as a computer security writer, has often been the target of DDoS attacks. He was also hit by a 200Gbps attack this week (apparently, from a 15-year-old in Illinois). That kind of volume would have been record-breaking only a couple of years ago, but now it's just normal. Arbor Networks says we've entered the 'hockey stick' era of DDoS attacks, as a graph of attack volume spikes sharply over the past year. CloudFlare's CEO wrote, 'Monday's DDoS proved these attacks aren't just theoretical. To generate approximately 400Gbps of traffic, the attacker used 4,529 NTP servers running on 1,298 different networks. On average, each of these servers sent 87Mbps of traffic to the intended victim on CloudFlare's network. Remarkably, it is possible that the attacker used only a single server running on a network that allowed source IP address spoofing to initiate the requests. An attacker with a 1 Gbps connection can theoretically generate more than 200Gbps of DDoS traffic.' In a statement to Krebs, he added, 'We have an attack of over 100 Gbps almost every hour of every day.'"
This discussion has been archived. No new comments can be posted.

200-400 Gbps DDoS Attacks Are Now Normal

Comments Filter:
  • by SuricouRaven ( 1897204 ) on Saturday February 15, 2014 @01:29PM (#46255051)

    The problem with that approach is that a lot of those internet criminals are actually just immature teenagers - all they really need is a slap on the wrist to scare them straight and a good talking-to by their parents. Throwing them in jail is a good way to make sure they turn into real career criminals - if you can't get employment in legitimate work, what other choice is there? It's the same problem with heavy sentences for drug possession.

    Almost every decent computer security expert dabbled in black-hating a little when they were learning, if only to prove to themselves what they could do or for the fun of adventuring into forbidden places. I used to port-scan for open netbios shares back in the win9x era - found a lot of people who had their entire C: drive open to the world. I left text files on their desktops warning them about the open access.

Do not underestimate the value of print statements for debugging.