• 0
Sign in to follow this  
Followers 0

Cyberbunker vs Spamhaus

Question

Posted

Have you guys noticed a slowdown in loading of a lot of major sites in the last few days

Now all over the new they are talking about the amount of data being flooded in Spamhaus way is affecting legit webpage such as Natwest and RBS

Has anyone else noticed a difference

Share this post


Link to post
Share on other sites

8 answers to this question

  • 0

Posted

I read up on yesterday and read some articles on cyberbunker's site, ironically the only site going slow for me was theirs.

Share this post


Link to post
Share on other sites
  • 0

Posted

Nope, not noticed any difference at all.
But that's probably because my connection is s***house anyway and couldn't get much worse.

Share this post


Link to post
Share on other sites
  • 0

Posted

It might just be coincidence but I've noticed quite a few pages loading slower, as well as my download speed being affected quite dramatically.

Then again, I've also been on the receiving end of internet connection issues anyway, so maybe it's just that.

It's a little disconcerting that an external group of people can [i]literally[/i] make the internet crawl to a halt. I didn't think that was feasible.

Share this post


Link to post
Share on other sites
  • 0

Posted

Nope, working fine for me...

CloudFlare are doing an exceptional job at mitigating the DDoS against Spamhaus (especially when it has been hitting upto ~300Gbps).


[quote name='The Teej' timestamp='1364466848' post='595603232']
<snip>
It's a little disconcerting that an external group of people can [i]literally[/i] make the internet crawl to a halt. I didn't think that was feasible.
[/quote]

Well, they're using an ampliication technique on the way DNS handles UDP requests to multiple the attack bytes... so yes it's feasible to grind things to a halt.

Share this post


Link to post
Share on other sites
  • 0

Posted

[quote name='The Teej' timestamp='1364466848' post='595603232']
It might just be coincidence but I've noticed quite a few pages loading slower, as well as my download speed being affected quite dramatically.

Then again, I've also been on the receiving end of internet connection issues anyway, so maybe it's just that.

It's a little disconcerting that an external group of people can [i]literally[/i] make the internet crawl to a halt. I didn't think that was feasible.
[/quote]

My Internet connection speed dropped by over 50% this week, never happened before at those particular times of the day. Could be coincidence.

Share this post


Link to post
Share on other sites
  • 0

Posted

[quote name='The Teej' timestamp='1364466848' post='595603232']
It's a little disconcerting that an external group of people can [i]literally[/i] make the internet crawl to a halt. I didn't think that was feasible.
[/quote]

They are using a DNS reflection attack

[quote]A DNS amplification attack (aka DNS reflection attack) is a type of distributed denial of service (DDos) attack that takes advantage of the fact that a small DNS query can generate a much larger response. When combined with source address spoofing, an attacker can direct a large volume of network traffic to a target system by initiating relatively small DNS queries.

The amplification factor in this type of attack depends on the type of DNS query and whether or not a DNS server (used as a middleman in the attack) supports sending large UDP packets in a response, which is a feature intended to optimize DNS communications. If a DNS server does not support large (>512 bytes) UDP packets in a response, it can revert to TCP. This reduces the effectiveness of an amplification attack because TCP is much less vulnerable to source address spoofing.[/quote]
1 person likes this

Share this post


Link to post
Share on other sites
  • 0

Posted

[quote name='Haggis' timestamp='1364468347' post='595603266']
They are using a DNS reflection attack
[/quote]

I have now learned something today! Thank you!

Share this post


Link to post
Share on other sites
  • 0

Posted

Its not that big a deal, its only Spamhaus that are really feeling the pain of it. Pretty much everyone else shouldn't notice anything

The media is hyping it up, much like how the internet survives an earthquake. Its the internet, lots of interconnected nodes, if one bit breaks (which happens almost daily) the rest carries on until that bit comes back - look up BGP for more information about routing on the internet.

Worst case scenario is that a link between one location and another that has no redundancy goes down, in which case that part is cut off from the rest until service is restored. In the case of this Spamhaus attack it might mean a website is responding a bit slower as the traffic on a particular link is heavy, but you will only really notice if you are accessing something over one of those links.
Most likely people in America haven't noticed a thing especially if they are only accessing local US websites

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.