1 post • joined 6 Oct 2009
Combat DDoS at the source
Although Amazon "uses standard DDoS-fighting techniques such as syn cookies and connection limits" and also "maintains internal bandwidth which exceeds its provider-supplied Internet bandwidth", their pipe has a finite size which can be filled with a large enough flood of unwanted packets - which can come from anywhere.
Hopefully, initiatives to filter malicious network traffic at its source (eg. http://www.darkreading.com/blog/archives/2009/09/dutch_isps_sign.html) will gain traction. Straight bandwidth flooding attacks, such as the ones that struck Bitbucket, are precisely the type of attack that can be curtailed with a simple packet symmetry filtering mechanism, situated close to the source of the malicious traffic.
- Top Gear Tigers and Bingo Boilers: Farewell then, Phones4U
- Analysis iPhone 6: The final straw for Android makers eaten alive by the data parasite?
- Stephen Pie iPhone 6: Most exquisite MOBILE? No. It is the Most Exquisite THING. EVER
- First Crack Bloke buys iPHONE 6 and DROPS IT to SMASH on PURPOSE
- Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM