Hey, Did you get the attack promised ? after 1 week after notice ?
Today we've been warned and got some udp flood for 3 hours. On Tue, May 25, 2021 at 2:14 PM Jean St-Laurent via NANOG <nanog@nanog.org> wrote: > I don’t believe that these companies are complicit at high level. > > My guess is that there are some business salesmen working there that needs > to fulfill their monthly quota of new clients. > > > > What is usually common, is that when face by a DDoS for the first time > without the proper tooling, it sounds like it’s an impossible task to > solve. The knowledge on internet is pretty limited on the topic. > > It takes months and sometimes years to configure all the DDoS gates. > Rolland’s ppt is a nice place to start as it has valuable knowledge. It’s > just tough to figure out what is best for you. > > > > The truth is, it will be more beneficial to your organisation in the > medium/long term if you start learning and improving your DDoS defenses now > than to rely 100% on DDoS mitigators. > > These companies are fantastic when you protect slow assets like Credit > card transactions. The customer don’t really care if his transaction to > validate the CC takes 4 seconds instead of 3. > > > > In the end, DDoS mitigations is not more complex than what you are used to > do daily. Protect your routers, protect the control-plane, protect the SSH > lines, etc. It’s just a different kind of protections. > > > > Let me know if you need some advices or hints, because I’ve spent some > freaking long hours fighting them and together we have a better chance to > win and not pay ransom from blackmails. > > I don’t have all the answers on DDoS, but maybe I have the one that you > are looking for. > > > > The moment you become very resilient to DDoS attacks, your customers will > thank you and also support staff that will see the DDoS bounce like > mosquitoes on the windshield of your car at 90 Mph. > > > > Start learning now and start improving your DDoS. This won’t go away > anytime soon. > > > > Jean > > > > > > *From:* jim deleskie <deles...@gmail.com> > *Sent:* May 24, 2021 12:38 PM > *To:* Jean St-Laurent <j...@ddostest.me> > *Cc:* NANOG Operators' Group <nanog@nanog.org> > *Subject:* Re: DDoS attack with blackmail > > > > While I have no design to engage in over email argument over how much > latency people can actually tolerate, I will simply state that most people > have a very poor understanding of it and how much additional latency is > really introduced by DDoS mitigation. > > > > As for implying that DDoS mitigation companies are complicit or involved > in attacks, while not the first time i heard that crap it's pretty > offensive to those that work long hours for years dealing with the > garbage. If you honestly believe anyone your dealing with is involved with > launching attacks you clearly have not done your research into potential > partners. > > > > > > > > On Sat., May 22, 2021, 11:20 a.m. Jean St-Laurent via NANOG, < > nanog@nanog.org> wrote: > > Some industries can’t afford that extra delay by DDoS mitigation vendors. > > > > The video game industry is one of them and there might be others that > can’t tolerate these extra ms. Telemedicine, video-conference, fintech, etc. > > > > As a side note, my former employer in video game was bidding for these > vendors offering DDoS protection. While bidding, we were hit with abnormal > patterns. As soon as we chose one vendors those very tricky DDoS patterns > stopped. > > I am not saying they are working on both side, but still the coincidence > was interesting. In the end, we never used them because they were not able > to perfectly block the threat without impacting all the others projects. > > > > I think these mitigators are nice to have as a very last resort. I believe > what is more important for Network Operators is: to be aware of this, to be > able to detect it, mitigate it and/or minimize the impact. It’s like magic, > where did that rabbit go? > > > > The art of war taught me everything there is to know about DDoS attacks > even if it was written some 2500 years ago. > > > > I suspect that the attack that impacted Baldur’s assets was a very easy > DDoS to detect and block, but can’t confirm. > > > > @Baldur: do you care to share some metrics? > > > > Jean > > > > *From:* NANOG <nanog-bounces+jean=ddostest...@nanog.org> *On Behalf Of *Jean > St-Laurent via NANOG > *Sent:* May 21, 2021 10:52 AM > *To:* 'Lady Benjamin Cannon of Glencoe, ASCE' <l...@6by7.net>; 'Baldur > Norddahl' <baldur.nordd...@gmail.com> > *Cc:* 'NANOG Operators' Group' <nanog@nanog.org> > *Subject:* RE: DDoS attack with blackmail > > > > I also recommend book Art of War from Sun Tzu. > > > > All the answers to your questions are in that book. > > > > Jean > > > > *From:* NANOG <nanog-bounces+jean=ddostest...@nanog.org> *On Behalf Of *Lady > Benjamin Cannon of Glencoe, ASCE > *Sent:* May 20, 2021 7:18 PM > *To:* Baldur Norddahl <baldur.nordd...@gmail.com> > *Cc:* NANOG Operators' Group <nanog@nanog.org> > *Subject:* Re: DDoS attack with blackmail > > > > 20 years ago I wrote an automatic teardrop attack. If your IP spammed us > 5 times, then a script would run, knocking the remote host off the internet > entirely. > > > > Later I modified it to launch 1000 teardrop attacks/second… > > > > Today, contact the FBI. > > > > And get a mitigation service above your borders if you can. > > > > > > —L.B. > > > > Ms. Lady Benjamin PD Cannon of Glencoe, ASCE > > 6x7 Networks & 6x7 Telecom, LLC > > CEO > > l...@6by7.net > > "The only fully end-to-end encrypted global telecommunications company in > the world.” > > FCC License KJ6FJJ > > > > > On May 20, 2021, at 12:26 PM, Baldur Norddahl <baldur.nordd...@gmail.com> > wrote: > > > > Hello > > > > We got attacked by a group that calls themselves "Fancy Lazarus". They > want payment in BC to not attack us again. The attack was a volume attack > to our DNS and URL fetch from our webserver. > > > > I am interested in any experience in fighting back against these guys. > > > > Thanks, > > > > Baldur > > > > > >
