Got to say though if you have a sustained DDoS you can’t mitigate in over 24 hours you should probably have bought in to Arbour or similar a while ago. Everyone is being very nice around the situation but its really not acceptable to have had the downtime. I know my commercial customers wouldn’t accept that. I know of networks able to mitigate even large DDoS attacks in an hour. Sounds like they didn’t have a plan or if they did it wasn’t tested well.
Graham On 10/12/2015, 11:19, "Tim Chown" <[email protected]> wrote: >> On 9 Dec 2015, at 17:44, Keith Mitchell <[email protected]> wrote: >> >> On 12/09/2015 07:37 AM, Pete Stevens wrote: >>> Either way, it's a gentle push to suggest that if some accurate and >>> helpful information could be released to the community / public, it >>> might be helpful to do so sooner rather than later to counter >>> misinformation that is already out in the public domain. >> >> Indeed, in the absence of detailed public statements, analyzable data >> would be a good thing. What's baffling me about these attacks is the >> motivation - it's very much the season for online shopping extortion >> attacks, and what happened to the root last week suggests there's a lot >> of DDoS generally going on right now, but its not clear what's to be >> gained from taking out academic infrastructure. I hope it's not some >> deadline-shy undergrad using a booter site to avoid their assessments >> ("the DoS ate my homework"...), but sadly such things are not >> inconceivable these days. > >It seems very likely to me that in cases such as this there are sensitivities >around the disclosure of any specifics around the attack, esp. when the attack >may still be considered ongoing, mitigations are being deployed, or there is a >non-negligible risk of the attack resuming. > >Being at a university, I know that university IT dept contacts have been kept >in the loop with periodic updates, which is very welcome. > >So it may be that some details are published in due course, but I fully >understand why that is not the case yet. The only problem then of course is, >as Pete implies, the age old issue of nature abhorring a vacuum, and junk >rumours / stories emerging and being published in various press outlets. It’s >a tricky balance. > >Tim >
