
On Wednesday, at about 12:15 pm EST, 1.35 terabits per second of traffic hit the developer platform GitHub all at once. It was the most powerful distributed denial of service attack recorded to date, and it used an increasingly popular DDoS method, no botnet required. GitHub briefly struggled with intermittent outages as a digital system assessed the situation.

Within 10 minutes it had automatically called for help from its DDoS mitigation service, Akamai Prolexic. Prolexic took over as an intermediary, routing all the traffic coming into and out of GitHub, and sent the data through its scrubbing centers to weed out and block malicious packets. After eight minutes, attackers relented and the assault dropped off. The scale of the attack has few parallels, but a massive DDoS that struck the internet infrastructure company Dyn in late 2016 comes close. That barrage peaked at 1.2 terabits per second and caused connectivity issues across the US as Dyn fought to get the situation under control.

"Large DDoS attacks such as those made possible by abusing memcached are of concern to network operators," says Roland Dobbins, a principal engineer at the DDoS and network-security firm Arbor Networks who has been tracking the memcached attack trend. "Their sheer volume can have a negative impact on the ability of networks to handle customer internet traffic." The infrastructure community has also started attempting to address the underlying problem, by asking the owners of exposed memcached servers to take them off the internet, keeping them safely behind firewalls on internal networks. Groups like Prolexic that defend against active DDoS attacks have already added or are scrambling to add filters that immediately start blocking memcached traffic if they detect a suspicious amount of it. And if internet backbone companies can ascertain the attack command used in a memcached DDoS, they can get ahead of malicious traffic by blocking any memcached packets of that length.
