New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
300 gb/s LOL
"If you aimed this at Downing Street they would be down instantly," he said. "They would be completely off the internet."
He added: "These attacks are peaking at 300 gb/s (gigabits per second).
"Normally when there are attacks against major banks, we're talking about 50 gb/s."
Comments
Lol, doubt it's 300gb/s
Might aswell say the first 1tb/s attack...
Edit:
I can't see Spamhaus having '300gb/s' of leeway, and I assume with this much throughput there'd be a large amount of PPS, which no firewall I know of would handle, it also states that their DNS are being hit, so what, a few servers in multiple locations have over 300gb/s protection?
Unlikely.
I agree with how they feel, but not the reaction, SpamHaus can have the 'big bully' attitude because of it's size and userbase, everybody flocks to SpamHaus to block common spammers and whatnot, but there must be some more story behind this.
300gbit? Ha.
When some of these blacklists brag on twitter about how many IPs they block per day compared to others, you have to know that they're not in it for the right reasons. It's stupid.
Cloudflare stated in there post and graphs a burst period but I only saw 70 - 90 Gbps
Link: http://blog.cloudflare.com/the-ddos-that-knocked-spamhaus-offline-and-ho
@jarland the man. Thank you
SpamHaus's intentions are good, it's just sometimes they get it wrong. You don't HAVE to use Spamhaus.
Compared to some other blacklist out there, Spamhaus is the easiest to get removed if it does flag you.
"several companies, such as Google, had made their resources available to help 'absorb all of this traffic'."
Added a word for clarity.
The majority of IP's on Spamhaus' lists were used for spamming at one time but Spamhaus is slow to update when a spammer is given the boot and the IP is cleaned up. The majority of providers with a large number of IPs listed at Spamhaus are guilty as charged however because they either have lax attitudes towards spammers or are slow to react to abuse complaints
The US government has basically been purchased by large corporations so there really isn't any difference between the US government doing the censoring and private companies doing the censoring in the US...they both serve the same master. :P
I am feeling the slowness today.I was just cursing my ISP,before I saw this thread.
And in the meantime, no effort appears to be made to actually fight spam, and people keep using inaccurate blocklists like Spamhaus, despite them not being a solution to the spam problem.
The reason why no effort is being made to develop a real solution? "We already have blacklists, so why would we?"
The attack was largely cleaned up several days ago so you shouldn't be feeling any slowness. The BBC story is dated today 27 March but this attack is old news. Spamhaus announced it on 20 March and Cloudflare blogged about it on the 20th (see http://www.spamhaus.org/news/article/694/ddos-update-20-march-2013)
May be old news but I am just now hearing about it. Also - not happy about spamhaus after digging deeper.
Spamhaus needs to be listed as a terrorist org and their list should be against the law to import into the US. Applying UK law to US mailers is just wrong
Apparently they are applying it to the whole world. IE cyberbunker
I wish I had a 300Gbps pipe. I have no idea what Id do with it. But it'd be awesome to have.
Spamhaus and similar services have their usefulness and should exist. Now maintaining that and offering staff to field issues is a real issue. People end up on lists and can't get off such and that is wrong.
300Gb/s. Cloudflare in write up graphs shows a burst to 100Gb/s. No 300.
But, yeppers, it is a biggie.
Cloudflare doing the rescue work? Hmm... I and suspicious about many of their claims. Think Anycast + many servers are what is keeping this from being a blackout. Same reason why Akamai hasn't been blasted offline, nor Google, nor Amazon... Raw CPU + BW all over the place.
Spamhaus is a bitch get over it. Many services absorb blacklist data from Spamhaus and sometimes it stays for many many days even we remove it from spamhaus.
And speaking of that 300Gbps I believe its real. Internet in Sri Lanka has slowed down today and every ISP is blaming on this attack.
Well that is just at spamhaus not thier name servers. they could be recieved multiple points of entry equalling 300gbps
True @24khost. Probably getting BW punches in other areas.
Alright, I wonder which provider/facility Spamhaus was/is hosting at...? That place has be getting kicked. Wonder if in UK.....
No, I don't think so. The problem should be solved with an actual solution, i.e. technical measure that prevents spam from being sent in the first place, such as a cryptographical proof of work. Blacklists are inaccurate and abuse-prone blacklists at best, and have the nasty side effect of making it appear like the problem is solved, thereby stalling development on real solutions.
In a pure sense yes @joepie91. We should engineer every solution until infinity.
Now show me providers and savvy users who do not employ blacklists, even be they their own creations.
Me, I think blacklists are effective, but need policed. Tracked when and why someone ended up on it. Given an initial block for timeout span (i.e. 1 hour). Then let the strikes and attacks accumulate and keep bumping them up.
So in essence, you bother me once, I ignore you for one hour. You do it more, I ignore you longer. Until the point where you are a huge issue, and perma ban.
Remember blacklist alternatives would require more overhead on DNS or similar new layer. Overhead and checks would add up, at least initially. Plus have to get everyone on board (good luck there).
But if the world was perfect and we all were in a garden with no wants, sure, let's write it
Their new blog post says it is actually 300 gbit/s:
http://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet
Quote from their FAQ:
We often hear the excuse from US-based senders of Unsolicited Bulk Email ("Spammers") that: "My unsolicited bulk mailings comply with the U.S. CAN-SPAM Act which says that sending Unsolicited Bulk Email is not illegal!". In other words, "my spam meets the requirements of US Law therefore I should not be listed for sending it".
The U.S. CAN-SPAM Act does indeed not ban the sending of Unsolicited Bulk Email, it merely outlaws the sending of Unsolicited Bulk Email with false or misleading sender information (and other specified conditions).
The fact that sending Unsolicited Bulk Email, i.e: Spam, is not illegal in the U.S. or any particular country in no way overrides Spamhaus SBL Policy, nor overrides ISP spam filter policies. CAN-SPAM specifically permits all networks and Service Providers, including Spamhaus, to filter (prohibit/reject/block) incoming spam per each network's own policies. Nor does CAN-SPAM override ISP contracts, whose Terms & Conditions of Business (Acceptable Use Policies) all stipulate that sending Unsolicited Bulk Email is prohibited.
If you wish to send bulk marketing communications to Spamhaus users, you must abide by Spamhaus SBL Policy.
We often hear the excuse from UK-based senders of Unsolicited Bulk Email ("Spammers") that: "My mailings comply with the UK Privacy and Electronic Communications Regulations 2003 which says that sending Unsolicited Bulk Email to business addresses is not illegal!". In other words, "my spam meets the requirements of UK Law therefore I should not be listed for sending it".
The fact that sending Unsolicited Bulk Email is not illegal in a certain country in no way overrides Spamhaus SBL Policy, nor ISP spam filter policies. Nor does it override ISP contracts, whose Terms & Conditions of Service all stipulate that sending Unsolicited Bulk Email is prohibited.
If you wish to send bulk marketing communications to Spamhaus users, you must abide by Spamhaus SBL Policy.
Their service really has nothing to do with neither US or UK laws.
A cryptographical proof of work could most likely be written as an extension to SMTP.
Yes - that's the point of a cryptographical proof of work, as it primarily increases the overhead of e-mail sending for the sender, making it unreasonably expensive for a spammer to spam.
That's why you'd introduce a transitioning period where any proof-of-work-supporting mailserver could use any of the following two policies:
As implementation base grows over time, even the larger providers can start switching to the second policy.
If anything, that makes it worse.
I wonder how much Spamhaus is being used for other purposes than email @joepie91?
Reading the current about us sound eerily government in nature. Thus the big wig companies lending resources (i.e. Google).
SMTP extension, fine I say. Get to proposing it
That sounds like the Bitcoin waste of energy/computation model just for playing with oneself and CPU. Hardly a solution. The barrier would make it cost prohibitive to broadcast legitimate email and likely will extend to other technologies that start to replace email in the future. Ripe for taxation of sorts against email. Would cost prohibit small and sole proprietor style businesses.
I think what you propose sounds good minus those points.
@joepie91 do you have a whitepaper of your proposition, or are you just making shit up on the fly?
It is indeed similar to what Bitcoin (and Cloudflare!) use already.
Unlikely. The scale of spam is many many times larger than some of the largest mailing lists and notification delivery systems. Obviously, the proof of work would entail a 'difficulty' that only becomes a problem for spam-scale operations - without introducing a monetary tax (which is a terrible idea).
I am "making shit up on the fly", if that's what you want to call it, based on my knowledge of how other systems deal with automated abuse.
I read through another article (http://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet) and I DID see 300 Gbps mentioned.
It also makes it prohibitively expensive to run a major mail service such as Hotmail or Gmail if you make the cryptographical proof requirement too high.
I have worked on mail servers before, in fact ,my main one currently uses spamhaus for the rbl but honestly it is a pain in the rear, look at the many major email providers out there who use them and have constant issues with being blocked for "spam" when they themselves have safeguards (quotas mostly as well as server rules) that keep them out of danger of being listed. im not going to name names but lets just say i see it on an almost weekly basis.