[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Krebs on Security booted off Akamai network after DDoS attack proves pricey
- Subject: Krebs on Security booted off Akamai network after DDoS attack proves pricey
- From: haegar at sdinet.de (Sven-Haegar Koch)
- Date: Fri, 23 Sep 2016 21:15:26 +0200 (CEST)
- In-reply-to: <[email protected]>
- References: <CAPiURgVbbbxbYt4g_3KcL=SEWWDVQGy_CeBGMR+3NaLuuxx=CA@mail.gmail.com> <[email protected]> <[email protected]>
On Fri, 23 Sep 2016, Mike wrote:
> On 09/23/2016 11:30 AM, Seth Mattinen wrote:
> > On 9/23/16 10:58, Grant Ridder wrote:
> > > Didn't realize Akamai kicked out or disabled customers
> > > http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
> > >
> > > "Security blog Krebs on Security has been taken offline by host Akamai
> > > Technologies following a DDoS attack which reached 665 Gbps in size."
> >
> >
> > So ultimately the DDoS was successful, just in a different way.
> >
> > ~Seth
> >
> >
> More technical information about the characteristics of these attacks would be
> very interesting such as the ultimate sources of the attack traffic
> (compromised home pc's?), the nature of the traffic (dns / ssdp
> amplification?), whether it was spoofed source (BCP38-adverse), and whether
> the recent takedown the vDOS was really complete or if it's likely someone
> else gained control of the C&C servers that controlled it's assets?
At least for the OVH case there is a bit of info:
https://twitter.com/olesovhcom/status/779297257199964160
"This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to send
>1.5Tbps DDoS. Type: tcp/ack, tcp/ack+psh, tcp/syn."
c'ya
sven-haegar
--
Three may keep a secret, if two of them are dead.
- Ben F.