Network-layer DDoS attack trends for Q4 2020
DDoS attack trends in the final quarter of 2020 defied norms in many ways. For the first time in 2020, Cloudflare observed an increase in the number of large DDoS attacks. Specifically, the number of attacks over 500Mbps and 50K pps saw a massive uptick.
In addition, attack vectors continued to evolve, with protocol-based attacks seeing a 3-10x increase compared to the prior quarter. Attackers were also more persistent than ever — nearly 9% of all attacks observed between October and December lasted more than 24 hours.
Below are additional noteworthy observations from the fourth quarter of 2020, which the rest of this blog explores in greater detail.
- Number of attacks: For the first time in 2020, the total number of attacks observed in Q4 decreased compared to the prior quarter.
- Attack duration: 73% of all attacks observed lasted under an hour, a decrease from 88% in Q3.
- Attack vectors: While SYN, ACK, and RST floods continued to be the dominant attack vectors deployed, attacks over NetBIOS saw a whopping 5400% increase, followed by those over ISAKMP and SPSS.
- Global DDoS activity: Our data centers in Mauritius, Romania, and Brunei recorded the highest percentages of DDoS activity relative to non-attack Continue reading
JNCIE-DC lab in EVE-NG tips and tricks
After having some feedback regarding my previous post on running the JNCIE-DC self-study workbook in EVE-NG. I wanted to share some of the most common questions I personally experienced while using the lab and general things to be aware of and some tips! I also ran into some aspects of going through the workbook that […]
The post JNCIE-DC lab in EVE-NG tips and tricks first appeared on Rick Mur.Car Warranty vs Technology Service Contract
I’ve been struggling with the value of service contracts on IT equipment for some time now. As a rule of thumb, service contracts on IT infrastructure cost ~30% of the purchase price. This means that over three years of ownership you will pay the purchase price again. Which is quite a thing. I’m struggling to […]
Using New Ansible Utilities for Operational State Management and Remediation
Comparing the current operational state of your IT infrastructure to your desired state is a common use case for IT automation. This allows automation users to identify drift or problem scenarios to take corrective actions and even proactively identify and solve problems. This blog post will walk through the automation workflow for validation of operational state and even automatic remediation of issues.
We will demonstrate how the Red Hat supported and certified Ansible content can be used to:
- Collect the current operational state from the remote host and convert it into normalised structure data.
- Define the desired state criteria in a standard based format that can be used across enterprise infrastructure teams.
- Validate the current state data against the pre-defined criteria to identify if there is any deviation.
- Take corrective remediation action as required.
- Validate input data as per the data model schema
Gathering state data from a remote host:
The recently released ansible.utils version 1.0.0 Collection has added support for ansible.utils.cli_parse module, which converts text data into structured JSON format. The module has the capability to either execute the command on the remote endpoint and fetch the text response, or Continue reading
How Important is BGP RPKI?
Corey Quinn mentioned me in a tweet linking to AWS announcement that they are the biggest user of BGP RPKI (by the size of signed address space) worldwide. Good for them – I’m sure it got their marketing excited. It’s also trivial to do once you have the infrastructure in place. Just saying…
On a more serious front: how important is RPKI and what misuses can it stop?
If you’ve never heard of RPKI, the AWS blog post is not too bad, Nick Matthews wrote a “look grandma, this is how it works” version in 280-character installments, and you should definitely spend some time exploring MANRS resources. Here’s a short version for differently-attentive ;))
How Important is BGP RPKI?
Corey Quinn mentioned me in a tweet linking to AWS announcement that they are the biggest user of BGP RPKI (by the size of signed address space) worldwide. Good for them – I’m sure it got their marketing excited. It’s also trivial to do once you have the infrastructure in place. Just saying…
On a more serious front: how important is RPKI and what misuses can it stop?
If you’ve never heard of RPKI, the AWS blog post is not too bad, Nick Matthews wrote a “look grandma, this is how it works” version in 280-character installments, and you should definitely spend some time exploring MANRS resources. Here’s a short version for differently-attentive ;))
Get the Network Out of the Way
Getting the network out of the way has been very important for me in my thinking about networks, and is an easy way to help talk about a bunch of very important concepts, decisions, and arguments. This can sound trite, obvious, or insulting. In this post I’ll try to describe...Tech Bytes: VMware’s vRealize True Visibility Suite Illuminates Dark Corners Of Your IT Stack (Sponsored)
On today's sponsored Tech Bytes podcast we discuss VMware's vRealize True Visibility Suite (TVS), an add-on that helps you understand transactions from the physical layer all the way through to the application layer. Our guest is Apolak Borthakur, VP/GM at VMware.
The post Tech Bytes: VMware’s vRealize True Visibility Suite Illuminates Dark Corners Of Your IT Stack (Sponsored) appeared first on Packet Pushers.