The real cause of large DDoS – IP Spoofing
A week ago we published a story about new amplification attacks using memcached protocol on UDP port 11211. A few things happened since then:
- Github announced it was a target of 1.3Tbps memcached attack.
- OVH and Arbor reported similar large attacks with the peak reported at 1.7Tbps.
Let's take a deep breath and discuss why such large DDoS attacks are even possible on the modern internet.
Large attacks use IP spoofing
CC BY-SA 2.0 image by DaPuglet
All the gigantic headline-grabbing attacks are what we call "L3" (Layer 3 OSI[1]). This kind of attack has a common trait - the malicious software sends as many packets as possible onto the network. For greater speed these packets are hand crafted by attackers - they are not generated using high-level, well-behaved libraries. Packets are mashed together as a series of bytes and fired onto the network to inflict the greatest damage.
L3 attacks can be divided into two categories, depending on where the attacker directs their traffic:
-
Direct: where the traffic is sent directly against a victim IP. A SYN flood is a common attack of this type.
-
Amplification: the traffic is sent to vulnerable Continue reading
Cisco Live CAE and Guest Keynote Announcements
As you may have heard by now, there have been a few exciting announcements from Cisco Live 2018 regarding the venue for the customer appreciation event and the closing keynote speakers.
Across The Universe
The first big announcement is the venue for the CAE. When you’re in Orlando, there are really only two options for the CAE. You either go to the House of the Mouse or you go to Universal Studios. The last two times that Cisco Live has gone to Orlando it has been to Universal. 2018 marks the third time!
Cisco is going big this year. They’ve rented the ENTIRE Universal Studios park. Not just the backlot. Not just the side parks. They WHOLE thing. You can get your fix on the Transformers ride, visit Harry Potter, or even partake of some of the other attractions as well. It’s a huge park with a lot of room for people to spread out and enjoy the scenery.
That’s not all. The wristband that gets you into the CAE also gets you access to Islands of Adventure before the full park opens! You can pregame the party by hanging out at Hogwarts, going to Jurassic Park, or joining your Continue reading
Why GE Digital Failed | Inc.com
Yet another big, dumb company telling lies about innovation and digital.
Cumulus content roundup: March
Welcome back to the Cumulus content roundup! This month we’re all about trying new networking solutions and practices. Whether it’s experimenting with EVPN or allowing automation to improve your network, we’re providing you with everything you need to help you start testing out the waters. We’ve got webinars, white papers and more to guide you, so get out your compass and start navigating the new world of networking!
What’s cooking at Cumulus?
The business benefits of Cumulus EVPN: Cumulus Ethernet Virtual Private Network (EVPN) is here to provide the solutions to your architectural complexities and make your data center even more efficient. Don’t believe us? Read this EVPN white paper to learn about the high-level business benefits your organization can leverage with Cumulus EVPN.
Networking in the container age: You definitely don’t want to miss this webinar! In this episode, you’ll learn about the popular container networking models and the pros and cons of each. Watch it now and find out how to best leverage orchestration tools such as Docker and Kubernetes.
5 Ways you can leverage the Linux community for your data center network: One of the greatest advantages of using a network operating system based Continue reading
Python Networking: FTP Programming
In this excerpt from the second edition of "Python Network Programming Cookbook," learn how to code basic FTP actions.
Routing Security BoF – APRICOT 2018
On Sunday, 25 February, the first day of APRICOT 2018, a “Routing Security BoF” (birds of a feather: An informal discussion group) was organized to address the ever-growing routing related incidents happening on daily basis. We have discussed routing security in general within the Asia Pacific region but there was a need to have a platform for open and candid discussion among the network operator community to find a possible way forward, where operators can share their approach in securing their own infrastructure and keeping the internet routing table clean as well.
A quick introduction was provided by the moderator (Aftab Siddiqui) on why it is important to have this BoF. Here are the introductory slides:
The first technical community presenter was Yoshinobu Matsuzaki (Maz) from Internet Initiative Japan (IIJ), the first ISP in Japan started in 1992. IIJ is one of the few ISPs in the region implementing prefix filtering, source address validation for their end customers, and making sure that all their routing information is reflecting the current status in the peeringdb for AS2497. IIJ was the first Asia Pacific ISP to join MANRS (Mutually Agreed Norms for Routing Security), a global initiative, supported by the Continue reading
Model-Driven Telemetry Isn’t as New as Some People Think
During the Campus Evolution with Cat9K presentation (I hope I got it right - the whole event was an absolute overload) the presenter mentioned the benefits of brand-new model-driven telemetry, which immediately caused me to put my academic hat on and state that we had model-driven telemetry for at least 30 years.
Don’t believe me? Have you ever looked at an SNMP MIB description? Did it look like random prose to you or did it seem to have some internal structure?
Read more ...Istanbul (not Constantinople): Cloudflare’s 124th Data Center
Cloudflare is excited to turn up our newest data center in Istanbul, Turkey. This is our 124th data center globally (and 62nd country), and it is throwing a curveball in our data center by continent tracking. Istanbul is one of the only cities in the world to span two continents: Europe and Asia. Technically, we’ll specify this is our 34th data center in Europe. In the coming weeks, we’ll continue to attract more traffic to this deployment as more networks interconnect with us locally.
March 2018 is a big month for us, as we’ll be announcing (on average) nearly one new Cloudflare data center per day. Stay tuned as we continue to meaningfully expand our geographic coverage and capacity.
Turkish Internet
The Hagia Sophia - Photo by Blaque X / Unsplash
Istanbul itself is home to more than 16 million people, and Turkey is home to over 80 million people. For reference, Turkey’s population is comparable to Germany’s, where Cloudflare turned up its 11th, 31st, 44th, 72nd and 110th data centers in Frankfurt, Düsseldorf, Berlin, Hamburg and Munich. Internet usage in Turkey is approaching 70%, while the rate of Turkish households with access to Internet now exceeds Continue reading
Routing Security is a Serious Problem – and MANRS Can Help. A Report from APRICOT 2018.
Last week, at APRICOT 2018 in Kathmandu, Nepal, there were a lot of talks and discussions focused on routing security and the Mutually Agreed Norms for Routing Security (MANRS).
First, there was a Routing Security BoF, attended by about 150 people, where we talked about what it takes to implement routing security practices, how CDNs and other players can help, and why it is so difficult to make progress in this area. The BoF included an interactive poll at the end, and it showed some interesting results:
- Participants almost unanimously see lack of routing security as a serious problem.
- Slow progress in this area is largely seen as due to a lack of incentives
- Participants see community initiatives (like MANRS) as the main driving forces for improvement, followed by CDNs and cloud providers. They doubt that governments or end-customers can effectively drive change.
My colleague Aftab Siddiqui is writing a separate blog post just about that BoF, so watch the blog in the next day or two.
Later, in the security track of the main APRICOT programme, Andrei Robachevsky, ISOC’s Technology Programme Manager, presented statistics on routing incidents and suggested a way forward based on the MANRS approach. In his Continue reading
Cisco Live 2018 – Fun for grownups!
Cisco Live 2018 is just around the corner in in June from the 10th – 14th in Orlando, FL. Hard …
The post Cisco Live 2018 – Fun for grownups! appeared first on Fryguy's Blog.
We just added another module to our Ethical Hacker v9 Technology Course series
Last week we added Certified Ethical Hacker Module 7: Sniffing to our video Library. This is the 7th video to be released as part of an 18 video CEH course series. All Access Pass members can watch Module 7 by logging into their All Access Pass account. For those who are not members, you can buy the series here.
Why You Should Watch:
Attaining sniffing capabilities is a great achievement for hackers, because even when it’s difficult to get there, the rewards might be worth the risk.
About The Course:
This is the 7th of 18 video courses in our CEH v9 Technology Course series and will prepare viewers for the sniffing portion of the Certified Ethical Hacker v9 Exam. This Module is 3 hours in length and is taught by Josué Vargas.
What You’ll Learn:
During this module you will learn about gathering valuable data through sniffing techniques. You will learn LAN based and Internet based sniffing attacks and even use an experimental setting in Wireshark as a remote sniffing tool.
About The Instructor:
Josué Vargas is a networks and security engineer and also owns his own company in Costa Rica, Netquarks Technologies S.R.L. He started Continue reading
Infrastructure 2.0: Whatever We’re Calling it Now, It’s Here
The modern infrastructure needs to embrace DevOps principles and apply its methodologies to the network.
A ZTE Telco Customer Wants ZTE VNFs with Red Hat OpenStack
ZTE has its own customized NFVi layer built on OpenStack.