On Fri, 23 Sep 2016, Mike wrote:
On 09/23/2016 11:30 AM, Seth Mattinen wrote:
On 9/23/16 10:58, Grant Ridder wrote:
Didn't realize Akamai kicked out or disabled customers http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-aft...
"Security blog Krebs on Security has been taken offline by host Akamai Technologies following a DDoS attack which reached 665 Gbps in size."
So ultimately the DDoS was successful, just in a different way.
~Seth
More technical information about the characteristics of these attacks would be very interesting, such as the ultimate sources of the attack traffic (compromised home PCs?), the nature of the traffic (DNS / SSDP amplification?), whether it was spoofed source (BCP38-adverse), and whether the recent takedown of vDOS was really complete or if it's likely someone else gained control of the C&C servers that controlled its assets?
At least for the OVH case there is a bit of info: https://twitter.com/olesovhcom/status/779297257199964160
"This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to send 1.5Tbps DDoS. Type: tcp/ack, tcp/ack+psh, tcp/syn."
c'ya
sven-haegar
--
Three may keep a secret, if two of them are dead. - Ben F.