Cloud Wars

Oct. 8, 2017 0 comments ADMIN Magazine Detection & Response firewall incident handling

A distributed denial of service (DDoS) attack on Spamhaus (Figure 1), a provider of real-time DNS blacklists, affected a part of the Internet last March with a flood of data reported to reach 300Gbps . Figure 1: Spamhaus, an organization that fights spam by issuing blacklists, fell prey to a DDoS attack on the Internet. Innocent users whose addresses had been added to blacklists had no way of asking for their entries to be deleted during the attack. Innocent domains thus remained blocked and many legitimate pieces of email were not delivered. After Spamhaus commissioned cloud security provider CloudFlare to defend its infrastructure, it was able to resume its usual services. The attackers, however, didn’t give up. A week later on March 23, LINX, one of the Internet’s backbone providers saw significant interruptions in their usual traffic, which peaks at around 1.5Tbps. Despite affecting this large Internet exchange, most people did not see any disruptions in their service. Also in M...

http://www.admin-magazine.com/Articles/Denial-of-Service-in-the-Cloud/(tagID)/2