Re: Cloudflare, and the 120Gbps DDOS "that almost broke the Internet"

[Warren Bailey <wbailey () satelliteintelligencegroup com>]

Wasn't there a ton of drama with the SpamHaus guys a year or so ago
regarding RBL's on NANOG?



On 3/27/13 2:54 PM, "Scott Weeks" <surfer () mauigateway com> wrote:

> --- bill () herrin us wrote:
> From: William Herrin <bill () herrin us>
>
> According to the New York Times it was 300 gbps and Cyberbunker was the
> bad guy.
> http://www.nytimes.com/2013/03/27/technology/internet/online-dispute-becom
> es-internet-snarling-attack.html?pagewanted=all&_r=0
> -----------------------------------------
>
> Got a link that we don't have to allow cookies and have to create an
> account to read?
> ------------------------------------------------------------
>
>
> I found it using startpage.com's proxy and pasted it below for
> others that don't want to create accounts and all:
>
>
> A squabble between a group fighting spam and a Dutch company that hosts
> Web sites said to be sending spam has escalated into one of the largest
> computer attacks on the Internet, causing widespread congestion and
> jamming crucial infrastructure around the world, John Markoff and Nicole
> Perlroth write on Wednesday in The New York Times.
>
> Millions of ordinary Internet users have experienced delays in services
> like Netflix or could not reach a particular Web site for a short time.
> However, for the Internet engineers who run the global network, the
> problem is more worrisome. The attacks are becoming increasingly
> powerful, and computer security experts worry that if they continue to
> escalate, people may not be able to reach basic Internet services, like
> e-mail and online banking.
>
> The dispute started when the spam-fighting group, called Spamhaus, added
> the Dutch company Cyberbunker to its blacklist, which is used by e-mail
> providers to weed out spam. Cyberbunker, named for its headquarters, a
> five-story former NATO bunker, offers hosting services to any Web site
> ³except child porn and anything related to terrorism,² according to its
> Web site.
>
> A spokesman for Spamhaus, which is based in Europe, said the attacks
> began on March 19, but had not stopped the group from distributing its
> blacklist.
>
> Patrick Gilmore, chief architect at Akamai Networks, a digital content
> provider, said Spamhaus¹s role was to generate a list of Internet
> spammers. Of Cyberbunker, he added: ³These guys are just mad. To be
> frank, they got caught. They think they should be allowed to spam.²
>
> Mr. Gilmore said that the attacks, which are generated by swarms of
> computers called botnets, concentrate data streams that are larger than
> the Internet connections of entire countries. He likened the technique,
> which uses a long-known flaw in the Internet¹s basic plumbing, to using a
> machine gun to spray an entire crowd when the intent is to kill one
> person. The so-called distributed denial of service, or DDoS, attacks
> have reached previously unknown magnitudes, growing to a data stream of
> 300 billion bits per second.
>
> Questioned about the attacks, Sven Olaf Kamphuis, an Internet activist
> who said he was a spokesman for the attackers, said in an online message
> that, ³We are aware that this is one of the largest DDoS attacks the
> world had publicly seen.² Mr. Kamphuis said Cyberbunker was retaliating
> against Spamhaus for ³abusing their influence.²
>
>
> scott