On 2019-08-28 02:23, Damian Menscher via NANOG wrote:
On Wed, Aug 21, 2019 at 3:21 PM Töma Gavrichenkov
wrote:
On Thu, Aug 22, 2019 at 12:17 AM Damian Menscher
wrote:
Some additional questions, if you're able to answer them (off-list
is fine if there are things that can't be shared broadly)
On Wed, Aug 21, 2019 at 3:21 PM Töma Gavrichenkov wrote:
> On Thu, Aug 22, 2019 at 12:17 AM Damian Menscher
> wrote:
> > Some additional questions, if you're able to answer them (off-list is
> fine if there are things that can't be shared broadly):
> > - Was the attack referred to law enforcem
Hi,
Same happened in Lebanon(country). Similar pattern: carpet bombing for
multiple prefixes of specific ASN.
I suspect it is a new trend in DDoS-for-hire, and ISP who did not
install data scrubbing appliances will feel severe pain from such
attacks, since they use SYN + ACK from legit servers
Töma, thanks for this interesting update. The best defense against this
type of DDoS attacks seems idd to be relaying to
sufficiently-large-bandwidth cloud/CDN, and filtering TCP traffic (received
not from the relay). Such relaying should be done well - smart attacks may
still be possible for `naiv
Peace,
On Thu, Aug 22, 2019 at 12:17 AM Damian Menscher wrote:
> Some additional questions, if you're able to answer them (off-list is fine if
> there are things that can't be shared broadly):
> - Was the attack referred to law enforcement?
It is being referred to now. This would most probab
Thanks for following up, and for publishing two bits of key data:
- This was part of a larger attack campaign that included CLDAP
amplification
- The SYN/ACK amplification resulted in 208Mpps (or more)
Some additional questions, if you're able to answer them (off-list is fine
if there are thin
Peace,
Here's to confirm that the pattern reported before in NANOG was indeed a
reflection DDoS attack. On Sunday, it also hit our customer, here's the
report:
https://www.prnewswire.com/news-releases/root-cause-analysis-and-incident-report-on-the-august-ddos-attack-300905405.html
tl;dr: basical
7 matches
Mail list logo