Say Cheese: a snapshot of the massive DDoS attacks coming from IoT cameras
Over the last few weeks we've seen DDoS attacks hitting our systems that show that attackers have switched to new, large methods of bringing down web applications. They appear to come from the Mirai botnet (and relations) which were responsible for the large attacks against Brian Krebs.
Our automatic DDoS mitigation systems have been handling these attacks, but we thought it would be interesting to publish some of the details of what we are seeing. In this article we'll share data on two attacks, which are perfect examples of the new trends in DDoS.
In the past we've written extensively about volumetric DDoS attacks and how to mitigate them. The Mirai attacks are distinguished by their heavy use of L7 (i.e. HTTP) attacks as opposed to the more familiar SYN floods, ACK floods, and NTP and DNS reflection attacks.
Many DDoS mitigation systems are tuned to handle volumetric L3/4 attacks; in this instance attackers have switched to L7 attacks in an attempt to knock web applications offline.
Seeing the move towards L7 DDoS attacks we put in place a new system that recognizes and blocks these attacks as they happen. The Continue reading
5 Cisco CCIE Myths Debunked
CBT Nuggets trainer Anthony Sequeira counters common misconceptions around the prestigious networking certification.
Webscale Raises $12M for Multi-Cloud App Delivery
The company can also monitor apps using machine learning.
The Emergence Of The Full-Stack Engineer
The digital transformation requires IT teams have skills that span traditional enterprise IT silos.
The Two Principles Of Troubleshooting
- Never trust someone else’s configuration.
- Don’t trust your own configuration.
But in all seriousness. If you’re migrating configuration, this would be a good place to start:
- Check all your IP addresses are consistent.
- Check your masks are consistent.
- Check your interfaces are correct.
- If you’re working with peers, check your IP addresses for the peers are correct.I mean all 4 octets. Not just the last one, or two, or three. ALL FOUR. If it’s v6, then FML. Bite the bullet and write a script.
- Is there a naming convention to follow? There’s a temptation when migrating to stick with the old name, but new devices may require a different convention is adhered to. Reasons for this range from the whimsical to the valid.
If you’re coming up with something new, and it involves addressing new interfaces then start with this:
- First check your IP allocations are correct. By this, I mean check if you have any hierarchy or ordering. For example, do you reserve addresses by site, geographic location or application? If you do, then make sure these are consistent with what you’ve planned.
- Is your addressing valid? i.e: Are the subnets and host addresses you’ve assigned correct? Continue reading
Check Out the Designing Active-Active and Disaster Recovery Data Centers Webinar
The featured webinar in October 2016 is the Designing Active-Active and Disaster Recovery Data Centers webinar, and the featured videos include the discussion of disaster avoidance challenges and the caveats you might encounter with long-distance vMotion. All ipSpace.net subscribers can view these videos, if you’re not one of them yet start with the trial subscription.
As a trial subscriber you can also use this month's featured webinar discount to purchase the webinar.