|
|
[ Message Precedent sur la mailing][ Message Suivant sur la mailing][ Precedent dans le fil][ Prochain dans le fil][ Index par Date][ Index par fil]
Re: [Full-disclosure] Ubisoft DDoS
Perhaps Cisco xt 5650a? Also, 6500 series are actually switches, not routers. ;-) Cheers. On Tue, Mar 9, 2010 at 4:24 PM, Michal <michal@xxxxxxxxxxx> wrote:
On 09/03/2010 15:12, Valdis.Kletnieks@xxxxxx wrote:
> On Tue, 09 Mar 2010 15:27:02 +0100, Adrenalin said:
>> I'm just wondering, even if it's under DDoS, isn't it as easy to block as to
>> collect the list of IP that send too much data, and just block them on the
>> upper level ISP ?
>
> You *do* realize that a *small* botnet these days is 75,000 machines, and
> there's a estimated 140 million compromised zombie boxes out there? There's
> very few boxes that can handle an inbound ACL of 75K entries sanely - usually
> what ends up happening is the upstream drops all traffic *to* the target node
> just so all the *other* boxes at the site still get some bandwidth.
>
> And "sending too much data" is hard to quantify - if you have enough bots,
> you can thoroughly DDoS a site using far *less* bandwidth per host than a
> normal user does. If the site was designed to handle 10,000 clients each
> sending 5 packets per second for 10 seconds during a login at game start,
> it will likely fall over if you throw 100,000 bots at it, each sending
> 4 packets a second continuously...
>
that worked to stop DDoS as we got hit quite a bit. I have to say they
managed quite well, often we would only notice because we regularly
checked the graphs over 24 hours periods. Other times the attacks had
some successes but they worked well. Can't remember what they where
called...think it was a company that ended up being bought by Cisco,
though we did have cards in the 6500 routers to also help out with DDOS.
Full-Disclosure - We believe in it.
Charter: link://[click]
Hosted and sponsored by Secunia - link://[click]
Archives de la liste de diffusion Secunia
Archives de la liste de diffusion Full Disclosure
| Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre |
| Mini-Tagwall de l'annuaire video : | | | | curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio |
| Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
| Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|
