nanog mailing list archives
Re: GoDaddy : DDoS : : Contact
From: "Roland Dobbins" <rdobbins () arbor net>
Date: Mon, 03 Aug 2015 21:00:15 +0700
On 3 Aug 2015, at 20:35, Mel Beckman wrote:
But SYN floods are easily detected and deflected by all modern firewalls. If a handshake doesn’t complete within a certain time interval, the SYN is discarded.
This is incorrect. I've seen a 20gb/sec stateful firewall taken down by a 3mb/sec spoofed SYN-flood due to DDoS exhaustion. I've seen a 10gb/sec load-balancer taken down by 60s of 6kpps of HOIC:
<https://app.box.com/s/a3oqqlgwe15j8svojvzl>
The majority I’ve seen, however, are TCP.
<https://en.wikipedia.org/wiki/Hasty_generalization>
In any event, I think it’s not useful to misuse the term DDoS, and that it refers to any attack where the source addresses are distributed across the Internet, making them difficult to identify and therefore block.
Again, that ship sailed long ago. ----------------------------------- Roland Dobbins <rdobbins () arbor net>
Current thread:
- Re: GoDaddy : DDoS :: Contact, (continued)
- Re: GoDaddy : DDoS :: Contact Valdis . Kletnieks (Aug 02)
- Re: GoDaddy : DDoS :: Contact tqr2813d376cjozqap1l (Aug 02)
- Re: GoDaddy : DDoS :: Contact Dovid Bender (Aug 03)
- Re: GoDaddy : DDoS : : Contact John Levine (Aug 02)
- Re: GoDaddy : DDoS : : Contact Roland Dobbins (Aug 02)
- Re: GoDaddy : DDoS : : Contact Mel Beckman (Aug 03)
- Re: GoDaddy : DDoS : : Contact Roland Dobbins (Aug 03)
- Re: GoDaddy : DDoS : : Contact A . L . M . Buxey (Aug 03)
- Re: GoDaddy : DDoS : : Contact Stephen Satchell (Aug 03)
- Re: GoDaddy : DDoS : : Contact Mel Beckman (Aug 03)
- Re: GoDaddy : DDoS : : Contact Roland Dobbins (Aug 03)
- Re: GoDaddy : DDoS : : Contact Roland Dobbins (Aug 03)
- Re: GoDaddy : DDoS : : Contact Stephen Satchell (Aug 03)
- Re: GoDaddy : DDoS : : Contact Roland Dobbins (Aug 03)