Traceback of a DDoS Attack
January 1, 2018
An abnormal increase in the CPU usage of a telecom carrier’s 4G firewall substantially slowed down the access from some iPhone users to the Apple website. We suspected that the carrier was hit by a DDoS attack. With the visualized traceback function of NSFOCUS Big Data Security Analytics (BSA), we made a drill-down analysis of […]
Doing It Better
January 21, 2016
Track: Technical
Author: Stephen Gates, Chief Research Intelligence Analyst, NSFOCUS
Flying at 40,000 feet above the ground always gives one a sense of clarity. Looking down on the world from such a height can make a person feel somewhat insignificant. However, my trip today is very noteworthy. I will be landing in Las Vegas in a few hours and the next four days will be filled with excitement, entertainment, and education. I am not going to Vegas for the adult playground activities like many of my fellow passengers. I am going there to attend the most exciting event of my career: the 2016 Sales Kickoff for a widely-unknown company in the U.S. called NSFOCUS IB. (more…)
Anatomy of an attack: network bandwidth exhaustion
January 5, 2016
Track: Technical
Author: Vann Abernethy, Field CTO, NSFOCUS
DDoS attacks come in three basic flavors: network-layer, application-layer and a hybrid of the two. This is a somewhat simplistic view, but when you look at the strategy for taking someone down via DDoS, the two primary vehicles are either exhaustion of available network bandwidth or the overwhelming of back-end processing power (which can be directed either at the server system itself or the applications residing on it). The most efficient approach to take down a target will depend on the target itself. This is why it is important for every company to consider all of the assets that could become targets when designing anti-DDoS protection. (more…)
DDoS attacks – more than just disruption?
December 21, 2015
Track: General Security
Author: Vann Abernethy, Field CTO, NSFOCUS
Distributed Denial-of-Service (DDoS) attacks have been around for decades and have been increasing in popularity due to the relative ease of carrying one out. Traditionally, the purpose of these attacks has been to make a site or service unavailable to its intended users for some duration via either flood-type attacks or application-layer attacks (which are smaller, but just as effective) that overwhelm the target’s network or systems. (more…)
Anatomy of an attack – DNS amplification
December 14, 2015
Track: Technical
Author: Vann Abernethy, Field CTO, NSFOCUS
DNS amplification attacks ramp up the power of a botnet when targeting a victim. The basic technique of a DNS amplification attack is to spoof the IP of the intended target and send a request for a large DNS zone file to any number of open recursive DNS servers. The DNS servers blindly respond to the request, sending the large DNS zone response to the attack target. (more…)
Modern DDoS attacks: When Moore’s law meets Darwin’s Theory of Evolution
December 4, 2015
Author: Dave Martin, Director of Product Marketing, NSFOCUS
What would happen if you combined Moore’s law with Darwin’s Theory of Evolution and applied them to DDoS attacks? Unfortunately, modern DDoS attacks seem to embody this idea perfectly as both the frequency and complexity of these attacks have become truly staggering in just a short amount of time.