[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

GoDaddy : DDoS : : Contact

Subject: GoDaddy : DDoS : : Contact
From: rdobbins at arbor.net (Roland Dobbins)
Date: Mon, 03 Aug 2015 21:00:15 +0700
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]>

On 3 Aug 2015, at 20:35, Mel Beckman wrote:

> But SYN floods are easily detected and deflected by all modern 
> firewalls. If a handshake doesn?t complete within a certain time 
> interval, the SYN is discarded.

This is incorrect.  I've seen a 20gb/sec stateful firewall taken down by 
a 3mb/sec spoofed SYN-flood due to DDoS exhaustion.  I've seen a 
10gb/sec load-balancer taken down by 60s of 6kpps of HOIC:

<https://app.box.com/s/a3oqqlgwe15j8svojvzl>

> The majority I?ve seen, however, are TCP.

<https://en.wikipedia.org/wiki/Hasty_generalization>

> In any event, I think it?s not useful to misuse the term DDoS, and 
> that it refers to any attack where the source addresses are 
> distributed across the Internet, making them difficult to identify and 
> therefore block.

Again, that ship sailed long ago.

-----------------------------------
Roland Dobbins <rdobbins at arbor.net>

Follow-Ups:
- GoDaddy : DDoS : : Contact
  - From: rdobbins at arbor.net (Roland Dobbins)

References:
- GoDaddy : DDoS :: Contact
  - From: rdobbins at arbor.net (Roland Dobbins)
- GoDaddy : DDoS : : Contact
  - From: johnl at iecc.com (John Levine)
- GoDaddy : DDoS : : Contact
  - From: mel at beckman.org (Mel Beckman)
- GoDaddy : DDoS : : Contact
  - From: list at satchell.net (Stephen Satchell)
- GoDaddy : DDoS : : Contact
  - From: mel at beckman.org (Mel Beckman)

Prev by Date: GoDaddy : DoS :: Contact
Next by Date: GoDaddy : DDoS : : Contact
Previous by thread: GoDaddy : DDoS : : Contact
Next by thread: GoDaddy : DDoS : : Contact
Index(es):
- Date
- Thread