# Fight Jams Internet



## teckk (Mar 27, 2013)

Fight Jams Internet
http://www.nytimes.com/2013/03/27/t...dispute-becomes-internet-snarling-attack.html


----------



## fonz (Mar 27, 2013)

teckk said:
			
		

> Fight Jams Internet
> http://www.nytimes.com/2013/03/27/t...dispute-becomes-internet-snarling-attack.html


This requires a login. Can you post a brief summary of what it says?


----------



## teckk (Mar 27, 2013)

No, it doesn't reqire login

Firm Is Accused of Sending Spam, and Fight Jams Internet

A squabble between a group fighting spam and a Dutch company that hosts Web sites said to be sending spam has escalated into one of the largest computer attacks on the Internet, causing widespread congestion and jamming crucial infrastructure around the world.......


Unless it's for US view only.....I never thought of that. Try going through a US proxy.
http://www.proxy4free.com/


----------



## _martin (Mar 27, 2013)

I'm viewing it from Slovakia and no login is required; I can see the text without problem.


----------



## fonz (Mar 27, 2013)

I tried it again just now and it still requires me to login to a NY Times account.


----------



## wblock@ (Mar 27, 2013)

http://blog.cloudflare.com/the-ddos-that-knocked-spamhaus-offline-and-ho


----------



## DutchDaemon (Mar 28, 2013)

http://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet


----------



## throAU (Mar 28, 2013)

fonz said:
			
		

> This requires a login. Can you post a brief summary of what it says?



Cliffnotes:

Spammer-friendly ISP located in hardened bunker generates 300 gigabit D.O.S. on spamhaus.org servers after finding itself on the blocklist.


----------



## wblock@ (Mar 28, 2013)

And a less breathless followup: http://gizmodo.com/5992652/that-internet-war-apocalypse-is-a-lie


----------



## kpa (Mar 28, 2013)

Use of spamhaus services is your decision and if you set up your systems in such a way that they go down when spamhaus services are not available you're the one to blame.


----------



## break19 (Mar 28, 2013)

kpa said:
			
		

> Use of spamhaus services is your decision and if you set up your systems in such a way that they go down when spamhaus services are not available you're the one to blame.



The problem is, that this particular DoS uss DNS, fakes thousands of DNS requests to Spamhaus.. from other users.. Which then causes Spamhaus to send info BACK to those people.. slowing down traffic in the process.

It's not so much that these servers are "relying" on Spamhaus, it's that the traffic is overwhelming major backbone servers, and slowing down things for people who connect off those.


----------



## break19 (Mar 28, 2013)

However, it's slightly overblown.  Only certain connections are being overwhelmed. NOT the entire internet, as previously claimed.


----------



## Savagedlight (Mar 31, 2013)

More information related to the attack: https://isc.sans.edu/diary/Where+Were+You+During+the+Great+DDoS+Cybergeddon+of+2013+/15496


----------



## Savagedlight (Apr 1, 2013)

break19 said:
			
		

> The problem is, that this particular DoS uss DNS, fakes thousands of DNS requests to Spamhaus.. from other users.. Which then causes Spamhaus to send info BACK to those people.. slowing down traffic in the process.
> 
> It's not so much that these servers are "relying" on Spamhaus, it's that the traffic is overwhelming major backbone servers, and slowing down things for people who connect off those.



Everything I've read on the topic states that a bunch of open recursing DNS servers were queried with fake source addresses, making those servers send (large) replies to the intended victim. As Cloudflare didn't go down, they started hitting Cloudflares individual upstream providers instead.

I believe this method is also called DRDoS (Distributed Redirected Denial of Service), and I remember reading an article about it over at grc.com several years ago, although I can't find it now.


----------



## sossego (Apr 2, 2013)

Somewhere, somebody still has an unpatched version of ping.......


----------

