distributed denial of service
DDOS Attacks: Protecting your Network Infrastructure
Following the sophisticated and highly distributed attack involving tens of millions of IP addresses this past week, the concept of DDoS protection is on the forefront of network administrators and operator’s minds alike. While the nature and source of the attack is under investigation, understanding what can be done to prevent and mitigate future attacks is […]
Enterprise Security: Include DDoS Mitigation in your 2014 Plans
2014 will be a pivotal year for Enterprise Security professionals. Large scale Denial of Service ( DoS ) and Distributed Denial of Service attacks ( DDoS ) have been increasing over the years, which is nothing new. As technology evolves, including faster machines and cheaper bandwidth, attacks will also evolve just as fast if not […]
When Network Clocks Attack
In October 2013, Cisco TRAC discussed Network Time Protocol (NTP) as a possible vector for amplified distributed denial of service (DDoS) attacks. Litnet CERT has since revealed that their NTP servers were used in a denial of service (DoS) attack. Symantec also published information regarding an NTP amplification-based DDoS attack that occurred in December 2013. On December 7, 2013, a hackforums.net user posted an NTP amplification DDoS script to Pastebin. The NTP DDoS script is heavily obfuscated Perl, though the plain text at the top credits the "leaking" of the script to an individual who goes by the handle Starfall. Brian Krebs also mentioned someone going by the name Starfall as a paying user of booter.tw. They may be the same person.
STOPhausDDoS: Suspect in Custody
Back in March, Seth Hanford wrote about a distributed denial of service (DDoS) attack aimed at the SpamHaus organization. Since then, there have been some new developments in the aftermath of the DDoS attack, most notably the arrest of the attackers’ spokesperson, Sven Olaf Kamphuis. Update On April 26, Kamphuis, STOPhaus activist and possibly the person […]
Chronology of a DDoS: SpamHaus
Around 12:00 GMT March 16, 2013, a distributed denial of service (DDoS) attack took offline both the spamhaus.org website and a portion of its e-mail services. SpamHaus was able to restore connectivity by March 18; however, SpamHaus is still weathering a massive, ongoing DDoS attack. The DDoS attacks have also had less severe but measurable consequences for […]
Reflections from a road trip: The evolving risk of DDoS attacks
The author, Russ Smoak (Director of Cisco Security Intelligence Operations), discusses some of the feedback received from customers recently with regard to the Distributed Denial of Service (DDoS) activities that have occurred over the last few months. One of the main themes from this post is that it is time to start considering the threat of DDoS as a business continuity risk and not necessarily just a security concern.