Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


DDOS Stats
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

DDOS Stats

raindog308raindog308 Administrator, Veteran
edited May 2012 in General

Got a vendor whitepaper/sales promo in my inbox. Some of the stats it had were interesting...don't know if they're accurate. The vendor is selling anti-DOS gear so certainly they are biased.

  • botnet rental cost averages $67/day
  • 15% of DDOS incidents are 10gpbs or higher
  • few are >100gbps but they happen monthly
  • CPU exhaustion is as difficult as bandwidth exhaustion (i.e., DNS packets are small but millions of them can overwhelm the CPU of the servers handling them even if overall bandwidth is small)
  • countries that generate the most attacks: China, Ukraine, India, U.S.
  • services other than web servers are increasingly common attack vectors - e.g., customers can't connect to your API (not sure what is meant by this example - most APIs I know are RESTful HTTP)
  • script kiddies like Anonymous are rare - most DDOS that affect business is still done by extortionists, competitors, and collateral damage from online feuds
Thanked by 2vedran mrm2005

Comments

  • taiprestaipres Member
    edited May 2012

    Sadly because of these people that flood eventually net neutrality is going to disappear and the gov is going to give ISP's limitless power to "stop the cyberterrorism". People won't hesitate to cash in their freedom for security....

  • @taipres said: Sadly because of these people that flood eventually net neutrality is going to disappear and the gov is going to give ISP's limitless power to "stop the cyberattacks". People won't hesitate to cash in their freedom for security....

    ISPs don't have any power, if you look at the recent UK Pirate Bay block the ISPs DIDNT want todo it, but were forced to.

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @raindog308 said: botnet rental cost averages $67/day

    Naah....

    You can buy booter access to OVH botnets that can do ~10Gbit of UDP for like $10/m.

    Francisco

  • BlueVMBlueVM Member

    @Francisco said: You can buy booter access to OVH botnets that can do ~10Gbit of UDP for like $10/m.

    If only they had to actually pay the cost for the full line ($$$$+) then DDOS would be rare.

  • @Francisco said: $10/m.

    m as in month or minute? o0

  • taiprestaipres Member

    @Daniel said: ISPs don't have any power, if you look at the recent UK Pirate Bay block the ISPs DIDNT want todo it, but were forced to.

    They don't now, at least in the US, but considering the US is coporate america if they remove net neutrality ISP's would have unprecedented power. And while they could easily stop DDoS, their new power also would allow them to still ruin a free and open internet.

  • rds100rds100 Member

    The ISPs are not interested enough in stopping DDoS, otherwise they would have done it already. No new laws are needed for this.

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @gsrdgrdghd said: m as in month or minute? o0

    month.

    Francisco

  • taiprestaipres Member

    @rds100 said: The ISPs are not interested enough in stopping DDoS, otherwise they would have done it already. No new laws are needed for this.

    They're not allowed to get down and dirty like they would need to, to stop DDoS, otherwise you get into traffic shaping again and FCC will slap them.

  • rds100rds100 Member

    @taipres they are not allowed to do what, BCP38? It's been published in May 2000.

  • JacobJacob Member

    Despite all of you think that ISPs cracking down on this kind of stuff would be the end to your personal privacy, Let's be honest. No one can hide from the internet.

    People who actually use tools like LOIC and possibly even other victims computers to attack you clearly are doing it with knowledge that it is Ilegal, If the ISPs actually Investigated into things like this then this surely would decrease half of the attacks on major businesses, I am referring to groups like Annonymous, Lulzsec.

  • taiprestaipres Member
    edited May 2012

    @Jacob It's not about hiding, it's about not giving ISP's and everyone else the power to treat people like a product or a number. The similar argument to what you're using is "you only use encryption because you have something to hide" which is completely flawed. Maybe people just don't want everyone and their brother looking at stuff that doesn't concern them. I mean what's next camera in public restrooms to "protect you against yourself"...there needs to be a real fine line, and politicans have spoke loudly that ISP's will abuse power they get, it's inevitable, Comcast in paticular already is, by ignoring their own datacaps for video services they offer yet imposing them on compeitiors customers like netflix etc...A company that's too big and too powerful helps no one, if At&t wasn't broken up back in the day, we wouldn't have verizon etc... today and we'd be stuck with at&t's crappy service.


    @rds100 I don't believe they are, but i'll have to check into it.

    Thanked by 1mrm2005
  • SpencerSpencer Member

    @taipres said: Comcast

    Speaking of Comcast I just saw a ad on TV, they now offer home security!

  • @Jacob said: If the ISPs actually Investigated into things like this then this surely would decrease half of the attacks on major businesses

    In the same way it's not the post office's job to investigate when a crime is committed via "traditional" mail it's not the ISPs job to investigate what you are doing with the bandwidth you pay for.

  • taiprestaipres Member
    edited May 2012

    @PytoHost said: Speaking of Comcast I just saw a ad on TV, they now offer home security!

    Heh, oh geese :P They need to role out Ipv6 already. Also I think Comcast's dnssec may of helped stop sopa, so can't fault them for that.

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @taipres said: They're not allowed to get down and dirty like they would need to, to stop DDoS, otherwise you get into traffic shaping again and FCC will slap them.

    Net neutrality isn't a ruling in the US so traffic shaping/port blocking/etc are all very much allowed. What isn't allowed is tampering with a stream and injecting RST packets like comcast was doing to stop torrenters :P

    Francisco

  • @gsrdgrdghd said: In the same way it's not the post office's job to investigate when a crime is committed via "traditional" mail

    Tidbit: Not in the US...

    As one of our country’s oldest federal law enforcement agencies, founded by Benjamin Franklin, the United States Postal Inspection Service has a long, proud, and successful history of fighting criminals who attack our nation’s postal system and misuse it to defraud, endanger, or otherwise threaten the American public.

  • Awmusic12635Awmusic12635 Member, Host Rep

    @taipres Heh, oh geese :P They need to role out Ipv6 already. Also I think Comcast's dnssec may of helped stop sopa, so can't fault them for that.

    I know they are def. testing it, not sure if they rolled it out yet though.

  • taiprestaipres Member

    @Fliphost said: I know they are def. testing it, not sure if they rolled it out yet though.

    Yeah they have

    "All Comcast customers have automatically migrated to our DNSSEC validating servers. If for some reason you have manually configured your DNS IP addresses, we recommend you switch back to receiving them via DHCP and then release/renew your DHCP lease. If for some reason you wish to manually configuring your DNS servers, you may use the IPv4 addresses 75.75.75.75 and 75.75.76.76, and IPv6 addresses 2001:558:FEED::1 and 2001:558:FEED::2."

    http://www.dnssec.comcast.net/

  • DamianDamian Member

    @taipres said: Comcast in paticular already is, by ignoring their own datacaps for video services they offer yet imposing them on compeitiors customers like netflix etc

    Isn't that the concept of value added services?

  • @quirkyquark said: Tidbit: Not in the US...

    Well thats a government agency, the correct analogy for telcos would be privare mail services such as UPS for FedEX

  • taiprestaipres Member
    edited May 2012

    @Damian said: Isn't that the concept of value added services?

    I don't think so, the problem is Comcast owns a significant percentage of the US market in terms of providing internet services. So the fact they use this to cripple their compeitions ability to sell their services, like netflix, while promoting their own with no limitation, that's not fair practice and has to be illegal. In fact this is why I believe there's so many monopoly laws just so this kind of thing doesn't happen. As it literally removes the ability to compete. Granted Big corps abuse of patents does the same, ugh let me get patents out my mind, before I put my head through a wall or something out of anger.

  • MrAndroidMrAndroid Member
    edited May 2012

    The US has hardly any regulation in the communications sector.

    Cough AT&T Cough Verizon Cough

  • taiprestaipres Member

    @Daniel said: The US has hardly any regulation in the communications sector.

    Not true at all, in fact that's why the FCC exists, they regulate many things.

  • MrAndroidMrAndroid Member
    edited May 2012

    @taipres said: Not true at all, in fact that's why the FCC exists, they regulate many things.

    Well they do a pretty bad job at it, or regulate it so its better for companies then consumers.

  • taiprestaipres Member

    @Daniel said: Well they do a pretty bad job at it, or regulate it so its better for companies then consumers.

    Yeah I hear about the FCC in the news all the time, so they're definitely active, i'm just not sure if they're proactive. I will say though http://wiki.vuze.com/w/Bad_ISPs most those ISP's that abuse aren't in the US, so I think FCC has to be doing a decent job. I'd hate to live in China and use their crappy internet where everything is filtered and monitored and lame. I wish those billions of people would get rid of their communist gov, but if they're happy with it, more power to em.

  • DamianDamian Member

    @Daniel said: Well they do a pretty bad job at it, or regulate it so its better for companies then consumers.

    +1

  • Eg you guys are forced to pay $60+ for a phone contract, even SIM-only, thats insane to us.

Sign In or Register to comment.