DDoS threat report for 2023 Q2
Welcome to the second DDoS threat report of 2023. DDoS attacks, or distributed denial-of-service attacks, are a type of cyber attack that aims to disrupt websites (and other types of Internet properties) to make them unavailable for legitimate users by overwhelming them with more traffic than they can handle — similar to a driver stuck in a traffic jam on the way to the grocery store.
We see a lot of DDoS attacks of all types and sizes and our network is one of the largest in the world spanning more than 300 cities in over 100 countries. Through this network we serve over 63 million HTTP requests per second at peak and over 2 billion DNS queries every day. This colossal amount of data gives us a unique vantage point to provide the community access to insightful DDoS trends.
For our regular readers, you might notice a change in the layout of this report. We used to follow a set pattern to share our insights and trends about DDoS attacks. But with the landscape of DDoS threats changing as DDoS attacks have become more powerful and sophisticated, we felt it's time for a change in how we present Continue reading
Informe sobre las amenazas DDoS en el 2º trimestre de 2023
Te damos la bienvenida al segundo informe sobre amenazas DDoS de 2023. Los ataques DDoS, o ataques de denegación de servicio distribuido, son un tipo de ciberataque cuyo objetivo es sobrecargar de tráfico sitios web (y otros tipos de propiedades de Internet) para interrumpir el funcionamiento normal y que los usuarios legítimos no puedan acceder a ellos, lo mismo que cuando un conductor está atrapado en un atasco de camino al supermercado.
Observamos muchos ataques DDoS de diferentes tipos y tamaños, y nuestra red es una de las mayores del mundo, ya que abarca más de 300 ciudades en más de 100 países. A través de esta red atendemos más de 63 millones de solicitudes HTTP por segundo durante picos de tráfico y más de 2 billones de consultas de DNS cada día. Esta ingente cantidad de datos nos ofrece una perspectiva privilegiada para dar a conocer a la comunidad tendencias reveladoras sobre los ataques DDoS.
Nuestros lectores habituales quizá noten un cambio en el diseño de este informe. Solíamos seguir un patrón fijo para compartir nuestras percepciones y tendencias sobre los ataques DDoS. Sin embargo, creemos que ha llegado el momento de cambiar la forma de presentar nuestras Continue reading
What’s New: Cloud Automation with amazon.cloud 0.4.0
The Amazon Web Services (AWS) Cloud Control Collection (amazon.cloud) has been updated with a powerful new suite of modules. We introduced the experimental cloud collection for Ansible back in May of 2022 and it has come a really long way. With the launch of the AWS Cloud Control API, developers have a consistent method to manage supported services that are defined as part of their cloud infrastructure throughout their lifecycle, so there are fewer APIs to learn as developers add new services to their infrastructure. The 0.4.0 version of the amazon.cloud collection not only improves the user experience in automating AWS cloud features with Ansible, but also provides improved code quality and an enhanced CI process.
This blog explains what is new in amazon.cloud 0.4.0 that will help both the developers and the users.
Forward-Looking Changes
Migration of CI from Zuul to GitHub Actions
Continuous Integration testing and the release process have been moved from Zuul to GitHub Actions for this collection. The tests include code linters (which check style formatting), unit tests, integration tests, sanity tests, and other custom checks. Using GitHub Actions has helped us save a Continue reading
HS052: Professional Liability and Qualified Design
As technology becomes more critical and vital to companies business leaders are beginning to question the reliability and liability. Insurers now require audits and demand complienace with set practices before issuing a policy. Corporate boards are realising that so-called tech professionals have zero training or professional requirement, consultants have even less and the analysts are... Read more »
HS052 Professional Liability and Qualified Design
As technology becomes more critical and vital to companies business leaders are beginning to question the reliability and liability. Insurers now require audits and demand complienace with set practices before issuing a policy. Corporate boards are realising that so-called tech professionals have zero training or professional requirement, consultants have even less and the analysts are […]
The post HS052 Professional Liability and Qualified Design appeared first on Packet Pushers.
Multipath TCP (MPTCP) Resources
Brian Carpenter published a list of Multipath TCP resources to one of the IETF mailing lists1:
- Modern Multipath Transport Protocols – an ebook by prof. Olivier Bonaventure describing QUIC, multipath TCP and multipath QUIC.
- Multipath TCP Wiki
- Multipath TCP for Linux
- Multipath TCP Python extension module
You might also want to listen to the Multipath TCP podcast we recorded with Apple engineers in 2019.
-
… along with a nice reminder that “it might be wise to look at actual implementations of MPTCP before jumping to conclusions”. Yeah, that’s never a bad advice, but rarely followed. ↩︎
Multipath TCP (MPTCP) Resources
Brian Carpenter published a list of Multipath TCP resources to one of the IETF mailing lists1:
- Modern Multipath Transport Protocols – an ebook by prof. Olivier Bonaventure describing QUIC, multipath TCP and multipath QUIC.
- Multipath TCP Wiki
- Multipath TCP for Linux
- Multipath TCP Python extension module
You might also want to listen to the Multipath TCP podcast we recorded with Apple engineers in 2019.
-
… along with a nice reminder that “it might be wise to look at actual implementations of MPTCP before jumping to conclusions”. Yeah, that’s never a bad advice, but rarely followed. ↩︎
Do We Really Want Creativity In IT?
This post originally appeared in the Packet Pushers’ Human Infrastructure newsletter. You can subscribe for free and see every back issue here. And we don’t share your contact details with anyone else because we’re selfish like that. Creativity sits among the group of attributes, including teamwork and communication, that employers say they most desire. For […]
The post Do We Really Want Creativity In IT? appeared first on Packet Pushers.
Tech Bytes: ThousandEyes Extends End-to-End Network Visibility To Meraki MX And More (Sponsored)
In today’s Tech Byte, we’ve got Cisco ThousandEyes sharing new product capabilities, including ThousandEyes on Meraki MX and Webex RoomOS devices and faster insights into the root cause of problems your users are calling to complain about. We also discuss the recent acquisition of SamKnows, which gives ThousandEyes deeper visibility into ISPs.Tech Bytes: ThousandEyes Extends End-to-End Network Visibility To Meraki MX And More (Sponsored)
In today’s Tech Byte, we’ve got Cisco ThousandEyes sharing new product capabilities, including ThousandEyes on Meraki MX and Webex RoomOS devices and faster insights into the root cause of problems your users are calling to complain about. We also discuss the recent acquisition of SamKnows, which gives ThousandEyes deeper visibility into ISPs.
The post Tech Bytes: ThousandEyes Extends End-to-End Network Visibility To Meraki MX And More (Sponsored) appeared first on Packet Pushers.
10 Tips to Secure Your Wireless Network: Protect Your Network from Unauthorized Access
Using these tips can go a long way to securing wireless networks. But keep in mind wireless network security is an evolving endeavor.The Balancing Act Of Training Generative AI
We learn a lot of lessons from the hyperscalers and HPC centers of the world, and one of them is that those who control their own software control their own fates. …
The post The Balancing Act Of Training Generative AI first appeared on The Next Platform.
The Balancing Act Of Training Generative AI was written by Timothy Prickett Morgan at The Next Platform.
Network Break 438: Intel Abandons NUC; EU Blesses Broadcom/VMware Union; Microsoft Joins SSE Race
Take a Network Break! This week we discuss Intel walking away from the NUC PC, Microsoft rebranding Azure AD and launching an SSE offering, and Microsoft Exchange Online getting hacked. We also cover the EU's conditional approval of Broadcom's VMware acquisition, why Wireshark needs your help, and more IT news.Network Break 438: Intel Abandons NUC; EU Blesses Broadcom/VMware Union; Microsoft Joins SSE Race
Take a Network Break! This week we discuss Intel walking away from the NUC PC, Microsoft rebranding Azure AD and launching an SSE offering, and Microsoft Exchange Online getting hacked. We also cover the EU's conditional approval of Broadcom's VMware acquisition, why Wireshark needs your help, and more IT news.
The post Network Break 438: Intel Abandons NUC; EU Blesses Broadcom/VMware Union; Microsoft Joins SSE Race appeared first on Packet Pushers.
Upcoming BGP Policy Course
This coming Friday I’m teaching a course in BGP policy over at Safari Books Online. It’s three hours of straight-up BGP policy goodness. From the description:
This course begins by simplifying the entire BGP policy space into three basic kinds of policies that operators implement using BGP—selecting the outbound path, selecting the inbound path, and “do not transit.” A use case is given for each of these three kinds, or classes, of policies from the perspective of a transit provider, and another from the perspective of a nontransit operator connected to the edge of the ‘net.