The New Kind of DDoS That Could Cripple the Internet

If you’re a regular on the internet, you probably know how a DDoS can choke your favorite site with garbage traffic. Well, get used to it because they’re not going away; they’re actually getting worse.


DDoS storm breaks records at 300 Gbps

The Internet has been groaning under the weight of a massive distributed denial of service (DDoS) attack on the Domain Name Service, apparently aimed at anti-spam vigilantes Spamhaus, in retaliation for their blacklisting of Dutch free speech hosting provider Cyberbunker. At 300 mbps, the DDoS is the worst in public Internet history.

“These things are essentially like nuclear bombs,” said Matthew Prince, chief executive of Cloudflare. “It’s so easy to cause so much damage.”

The so-called distributed denial of service, or DDoS, attacks have reached previously unknown magnitudes, growing to a data stream of 300 billion bits per second. “It is a real number,” Mr. Gilmore said. “It is the largest publicly announced DDoS attack in the history of the Internet.”

Spamhaus, one of the most prominent groups tracking spammers on the Internet, uses volunteers to identify spammers and has been described as an online vigilante group. In the past, blacklisted sites have retaliated against Spamhaus with denial-of-service attacks, in which they flood Spamhaus with traffic requests from personal computers until its servers become unreachable. But in recent weeks, the attackers hit back with a far more powerful strike that exploited the Internet’s core infrastructure, called the Domain Name System, or DNS.

As bad as this is, it could be a lot worse. An anonymous paper called Internet Census 2012: Port scanning /0 using insecure embedded devices reports on a researcher’s project to scan every IPv4 address for publicly available machines that will accept a telnet connection and yield up a root login to a default password. The researcher reports that 1.2 million such devices are available online (s/he compromised many of these machines in order to run the census). These machines are things like printers and routers with badly secured firmware, visible on the public net. They are often running an old version of GNU/Linux and can be hijacked to form part of a staggeringly large botnet that would be virtually unkillable, since the owners of these devices are vanishingly unlikely to notice that they are silently running attackware, and the devices themselves are completely unregarded.

Firm Is Accused of Sending Spam, and Fight Jams Internet [NYT/John Markoff & Nicole Perlroth] (via Hacker News)


Skype’s IP-leaking security bug creates denial-of-service cottage industry

It’s been more than a year since the WSJ reported that Skype leaks its users’ IP addresses and locations. Microsoft has done nothing to fix this since, and as Brian Krebs reports, the past year has seen the rise of several tools that let you figure out someone’s IP address by searching for him on Skype, then automate launching denial-of-service attacks on that person’s home.

In the above screen shot, we can see one such service being used to display the IP address most recently used by the Skype account “mailen_support” (this particular account belongs to the tech support contact for Mailien, a Russian pharmacy spam affiliate program by the same name). Typically, these Skype resolvers are offered in tandem with “booter” or “stresser” services, online attack tools-for-hire that can be rented to launch denial-of-service attacks (one of these services was used in an attack on this Web site, and on that of Ars Technica last week). The idea being that if you want to knock someone offline but you don’t know their Internet address, you can simply search on Skype to see if they have an account. The resolvers work regardless of any privacy settings the target user may have selected within the Skype program’s configuration panel. Beyond exposing one’s Internet connection to annoying and disruptive attacks, this vulnerability could allow stalkers or corporate rivals to track the movement of individuals and executives as they travel between cities and states.

Privacy 101: Skype Leaks Your Location


How whitehats stopped the DDoS attack that knocked Spamhaus offline

Unlike Unicast-based networks, Anycast systems use dozens of individual data centers to dilute the effects of distributed denial-of-service attacks. (CloudFlare)

As an international organization that disrupts spam operators, the Spamhaus Project has made its share of enemies. Many of those enemies possess the Internet equivalent of millions of water cannons that can be turned on in an instant to flood targets with more traffic than they can possibly stand. On Tuesday, Spamhaus came under a torrential deluge—75 gigabits of junk data every second—making it impossible for anyone to access the group’s website (the real-time blacklists that ISPs use to filter billions of spam messages were never affected). Spamhaus quickly turned to CloudFlare, a company that secures websites and helps mitigate the effects of distributed denial-of-service attacks. This is a story about how the attackers were able to flood a single site with so much traffic, and the way CloudFlare blocked it using a routing methodology known as Anycast.


Anonymous Wants DDoS Recognised as an Official Form of Protest

The Anonymous hacking collective has petitioned the White House, using the US government’s open forum to ask for DDoS attacks to be registered as an official form of complaint – and requesting the convictions of previous DDoS attackers be wiped from their records.
