Cloudflare Blocked a Massive 2 Tbps DDoS Attack (techcrunch.com)
Cloudflare says it has blocked a distributed denial-of-service (DDoS) attack that peaked at just under 2 Tbps, making it one of the largest ever recorded. From a report: The internet company said in a blog post that the attack was launched from approximately 15,000 bots running a variant of the original Mirai code on exploited Internet of Things (IoT) devices and unpatched GitLab instances. The DDoS attack comes just two weeks after Rapid7 warned of a GitLab vulnerability -- rated a full 10.0 on the CVSS severity scale -- that could be exploited to allow an attacker to remotely run code, like botnet malware, on an affected server. Rapid7 found that at least half of the 60,000 internet-facing GitLab instances remain unpatched, and warned that it expected "exploitation to increase" as details of the bug became public. The company wasn't wrong; Cloudflare said it blocked the massive DDoS attack just one week later. From its analysis of the attack, Cloudflare believes that it was a multi-vector attack that combined DNS amplification attacks with UDP floods.
So what is this announcement supposed to imply? (Score:5, Insightful)
That CloudFlare is such a great service to the internet that they've owned the right to control access to - and monitor - a solid third of it, and deny you access willy-nilly if you try to connect from an IP they don't like?
Fuck CloudFlare. Fuck DDoSes too, but fuck CloudFlare first.
Re: (Score:2)
"Own the right"? More like people voluntarily sign up for their service. "Willy-Nilly?" Welcome to the consequences of address spoofing. "Honest officer, it wasn't me. It's my doppelganger."
Re: (Score:3)
Or use a better service that people don't abuse. Most of that DDoS came from those IPs you're complaining about - because people in general are idiots and we can never have a good thing. Put up a Tor exit node and it'll be banne
Re: (Score:3)
Also, this notion that Cloudflare has some super cool technology is bullshit too... they basically broke the DNS standard by creating their own authoritative nameservers that refuse to resolve hostnames if they detect bot activity. It's not really all that innovative. And it requires participating sites to give Cloudflare authoritative DNS control, which is another security issue.
Gatekeepers to the Internet. (Score:5, Informative)
So much for 'routing around the problem'..
Re: (Score:2)
I tend to agree. But what does it mean when all the routes have been flooded with garbage by assholes? Everyone should have Cloudflare's ability to block attacks of this size/nature?
Re: (Score:3)
Criminals: "Free" resources to do bad things.
Victims: "Free" resources to counter the criminals.
Reality: Someone ends up paying.
Great, wonderful, stupendous (Score:2)
The day I swoon over Cloudflare is the day hell is going to need snowplows.
They are a blight on the internet, and if somebody manages to send Cloudflare crashing and burning they would be doing the internet a favor.
Identifying vulnerable IoT devices? (Score:2)
Is there any way to identify which IoT devices are vulnerable these days?
Re:Identifying vulnerable IoT devices? (Score:5, Informative)
[ Is it an IoT device? ] -- Y --> [ It's vulnerable ]
Just for starters, the Linux TCP/IP stack has gotten a whole bunch of scrutiny, but a great many embedded stacks have not... https://www.darkreading.com/vu... [darkreading.com]
Re: (Score:3)
IoT and GitLab instances... where's the Windows part of that?
Re: (Score:2)
I don't know where you live, but it's not 1998 any more and PCs are connected to the internet through a router these days, not directly exposed through dialup or a USB DSL modem.