On Fri, 23 Sep 2016, Christopher Morrow wrote:
On Fri, Sep 23, 2016 at 9:24 PM, Jon Lewis wrote:
On Fri, 23 Sep 2016, Patrick W. Gilmore wrote:
Is CloudFlare able to filter Layer 7 these days? I was under the
impression CloudFlare was not able to do that.
There have been a lot of rumors ab
On Fri, Sep 23, 2016 at 9:24 PM, Jon Lewis wrote:
> On Fri, 23 Sep 2016, Patrick W. Gilmore wrote:
>
> Is CloudFlare able to filter Layer 7 these days? I was under the
>> impression CloudFlare was not able to do that.
>>
>> There have been a lot of rumors about this attack. Some say reflection,
>
On Fri, 23 Sep 2016, Patrick W. Gilmore wrote:
Is CloudFlare able to filter Layer 7 these days? I was under the
impression CloudFlare was not able to do that.
There have been a lot of rumors about this attack. Some say reflection,
others say Layer 7, others say .. other stuff. If it is Layer
> On Sep 23, 2016, at 5:39 PM, Hugo Slabbert wrote:
>
> If the attackers were hitting the GRE tunnel destination and spoofing the
> tunnel source that would make things harder, but that's starting to get into
> rather intimate knowledge of the scrubber's and customer's setup. I could
> still
Not at all. I refered to AUP's as a way people remove you from a service
when you use more of it then you are paying for.
On Fri, Sep 23, 2016 at 3:58 PM, Marcin Cieslak wrote:
> On Fri, 23 Sep 2016, jim deleskie wrote:
>
> > They were hosting him for free, and like insurance, I can assure you
A similar GRE attack was used against the Olympics:
"Once the Olympics got under way, LizardStresser along with a few other botnets
ramped up their attack against organizations affiliated with the Olympics. The
DDoS campaign launched attack traffic using the lesser-known IP protocol
Generic Rou
On Fri 2016-Sep-23 17:29:59 -0400, Jared Mauch wrote:
On Sep 23, 2016, at 5:24 PM, Hugo Slabbert wrote:
Please tell me why I can't spoof source IPs on a stateless protocol like GRE.
If he specifically meant you can't spoof a source, hit a reflector, and gain
amplification, sure, but I se
> On Sep 23, 2016, at 5:24 PM, Hugo Slabbert wrote:
>
> Please tell me why I can't spoof source IPs on a stateless protocol like GRE.
> If he specifically meant you can't spoof a source, hit a reflector, and gain
> amplification, sure, but I see zero reason why GRE can't have spoofed source
>
> > >
>http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
>
>> > >
>> > > "Security blog Krebs on Security has been taken offline by host
>Akamai
>> > > Technologies following a DDoS a
Yes, they do (or advertise):
https://support.cloudflare.com/hc/en-us/articles/200170216-How-large-of-a-DDoS-attack-can-CloudFlare-handle-
Jörg
On 23 Sep 2016, at 21:26, Patrick W. Gilmore wrote:
Is CloudFlare able to filter Layer 7 these days? I was under the
impression CloudFlare was not able
We routinely mitigate L7s. Matthew is also on the record saying we've
seen and mitigated similar attacks to this one (based on available
information about this attack).
Justin Paine
Head of Trust & Safety
CloudFlare Inc.
PGP: BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D
On Fri,
Is CloudFlare able to filter Layer 7 these days? I was under the impression
CloudFlare was not able to do that.
There have been a lot of rumors about this attack. Some say reflection, others
say Layer 7, others say .. other stuff. If it is Layer 7, how are you going to
‘step in front of the can
FWIW, we have offered to help. No word so far. We're more than willing
to step in front of the cannon pointed his way.
Justin Paine
Head of Trust & Safety
CloudFlare Inc.
PGP: BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D
On Fri, Sep 23, 2016 at 11:58 AM, Marcin Cieslak wrote:
On Fri, 23 Sep 2016, Mike wrote:
> On 09/23/2016 11:30 AM, Seth Mattinen wrote:
> > On 9/23/16 10:58, Grant Ridder wrote:
> > > Didn't realize Akamai kicked out or disabled customers
> > > http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network
On Fri, 23 Sep 2016, jim deleskie wrote:
> They were hosting him for free, and like insurance, I can assure you if you
> are consistently using a service, and not covering the costs of that
> service you won't be a client for long. This is the basis for AUP/client
> contracts and have been going
On 09/23/2016 11:30 AM, Seth Mattinen wrote:
On 9/23/16 10:58, Grant Ridder wrote:
Didn't realize Akamai kicked out or disabled customers
http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
"Security blog Krebs on Securit
On 9/23/16 10:58, Grant Ridder wrote:
Didn't realize Akamai kicked out or disabled customers
http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
"Security blog Krebs on Security has been taken offline by host Akamai
Technologies f
p://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
>
> "Security blog Krebs on Security has been taken offline by host Akamai
> Technologies following a DDoS attack which reached 665 Gbps in size."
>
> -Grant
point though.
>
> --
> Alex Wacker
>
>
> On September 23, 2016 at 2:00:10 PM, Grant Ridder (shortdudey...@gmail.com)
> wrote:
>
> Didn't realize Akamai kicked out or disabled customers
> http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-
While we are on topic of DDOS, it looks like it's quite a storm now.
According to this WHT post [1], some large server providers were
recently attacked, and many are still being attacked with quite a large
bandwidth, ie 1Tbps attacks against OVH. [2], [3]
Regards,
Filip
[1] http://www.webh
On Fri, Sep 23, 2016 at 2:58 PM, Grant Ridder
wrote:
> Didn't realize Akamai kicked out or disabled customers
> http://www.zdnet.com/article/krebs-on-security-booted-off-
> akamai-network-after-ddos-attack-proves-pricey/
>
> "Security blog Krebs on Security has been tak
midwest-ix.com
>
> - Original Message -
>
> From: "Grant Ridder"
> To: nanog@nanog.org
> Sent: Friday, September 23, 2016 12:58:44 PM
> Subject: Krebs on Security booted off Akamai network after DDoS attack
> proves pricey
>
> Didn't realize Akamai kicked
On Sep 23, 2016, at 1:58 PM, Grant Ridder wrote:
>
> Didn't realize Akamai kicked out or disabled customers
> http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
>
> "Security blog Krebs on Security has been tak
ptember 23, 2016 12:58 PM
To: nanog@nanog.org
Subject: Krebs on Security booted off Akamai network after DDoS attack proves
pricey
Didn't realize Akamai kicked out or disabled customers
http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
On Fri Sep 23, 2016 at 10:58:44AM -0700, Grant Ridder wrote:
> Didn't realize Akamai kicked out or disabled customers
They didn't - Krebs has publicly stated that Akamai were providing services
"Pro Bono" - and I guess the goodwill ran out :)
Simon
omers
http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
"Security blog Krebs on Security has been taken offline by host Akamai
Technologies following a DDoS attack which reached 665 Gbps in size."
-Grant
6 12:58:44 PM
Subject: Krebs on Security booted off Akamai network after DDoS attack proves
pricey
Didn't realize Akamai kicked out or disabled customers
http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
"Security blog Krebs
Once upon a time, Grant Ridder said:
> Didn't realize Akamai kicked out or disabled customers
Any business is likely to kick out customers that cost them much more
than they are being paid (under relevant contract terms of course).
Since his blog was being hosted for free, it isn't surprising tha
Didn't realize Akamai kicked out or disabled customers
http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
"Security blog Krebs on Security has been taken offline by host Akamai
Technologies following a DDoS attack which reached 6
101 - 129 of 129 matches
Mail list logo