On Fri, Sep 23, 2016 at 10:13 PM, Jon Lewis wrote:
> On Fri, 23 Sep 2016, Christopher Morrow wrote:
>
> On Fri, Sep 23, 2016 at 9:24 PM, Jon Lewis wrote:
>>
>> On Fri, 23 Sep 2016, Patrick W. Gilmore wrote:
>>>
>>> Is CloudFlare able to filter Layer 7 these days? I was under the
>>>
impress
On Fri, 23 Sep 2016, Christopher Morrow wrote:
On Fri, Sep 23, 2016 at 9:24 PM, Jon Lewis wrote:
On Fri, 23 Sep 2016, Patrick W. Gilmore wrote:
Is CloudFlare able to filter Layer 7 these days? I was under the
impression CloudFlare was not able to do that.
There have been a lot of rumors ab
On Fri, Sep 23, 2016 at 9:24 PM, Jon Lewis wrote:
> On Fri, 23 Sep 2016, Patrick W. Gilmore wrote:
>
> Is CloudFlare able to filter Layer 7 these days? I was under the
>> impression CloudFlare was not able to do that.
>>
>> There have been a lot of rumors about this attack. Some say reflection,
>
On Fri, 23 Sep 2016, Patrick W. Gilmore wrote:
Is CloudFlare able to filter Layer 7 these days? I was under the
impression CloudFlare was not able to do that.
There have been a lot of rumors about this attack. Some say reflection,
others say Layer 7, others say .. other stuff. If it is Layer
> On Sep 23, 2016, at 5:39 PM, Hugo Slabbert wrote:
>
> If the attackers were hitting the GRE tunnel destination and spoofing the
> tunnel source that would make things harder, but that's starting to get into
> rather intimate knowledge of the scrubber's and customer's setup. I could
> still
Not at all. I refered to AUP's as a way people remove you from a service
when you use more of it then you are paying for.
On Fri, Sep 23, 2016 at 3:58 PM, Marcin Cieslak wrote:
> On Fri, 23 Sep 2016, jim deleskie wrote:
>
> > They were hosting him for free, and like insurance, I can assure you
A similar GRE attack was used against the Olympics:
"Once the Olympics got under way, LizardStresser along with a few other botnets
ramped up their attack against organizations affiliated with the Olympics. The
DDoS campaign launched attack traffic using the lesser-known IP protocol
Generic Rou
On Fri 2016-Sep-23 17:29:59 -0400, Jared Mauch wrote:
On Sep 23, 2016, at 5:24 PM, Hugo Slabbert wrote:
Please tell me why I can't spoof source IPs on a stateless protocol like GRE.
If he specifically meant you can't spoof a source, hit a reflector, and gain
amplification, sure, but I se
> On Sep 23, 2016, at 5:24 PM, Hugo Slabbert wrote:
>
> Please tell me why I can't spoof source IPs on a stateless protocol like GRE.
> If he specifically meant you can't spoof a source, hit a reflector, and gain
> amplification, sure, but I see zero reason why GRE can't have spoofed source
>
On September 23, 2016 12:15:26 PM PDT, Sven-Haegar Koch
wrote:
>On Fri, 23 Sep 2016, Mike wrote:
>
>> On 09/23/2016 11:30 AM, Seth Mattinen wrote:
>> > On 9/23/16 10:58, Grant Ridder wrote:
>> > > Didn't realize Akamai kicked out or disabled customers
>> > >
>http://www.zdnet.com/article/krebs-
Yes, they do (or advertise):
https://support.cloudflare.com/hc/en-us/articles/200170216-How-large-of-a-DDoS-attack-can-CloudFlare-handle-
Jörg
On 23 Sep 2016, at 21:26, Patrick W. Gilmore wrote:
Is CloudFlare able to filter Layer 7 these days? I was under the
impression CloudFlare was not able
We routinely mitigate L7s. Matthew is also on the record saying we've
seen and mitigated similar attacks to this one (based on available
information about this attack).
Justin Paine
Head of Trust & Safety
CloudFlare Inc.
PGP: BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D
On Fri,
Is CloudFlare able to filter Layer 7 these days? I was under the impression
CloudFlare was not able to do that.
There have been a lot of rumors about this attack. Some say reflection, others
say Layer 7, others say .. other stuff. If it is Layer 7, how are you going to
‘step in front of the can
FWIW, we have offered to help. No word so far. We're more than willing
to step in front of the cannon pointed his way.
Justin Paine
Head of Trust & Safety
CloudFlare Inc.
PGP: BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D
On Fri, Sep 23, 2016 at 11:58 AM, Marcin Cieslak wrote:
On Fri, 23 Sep 2016, Mike wrote:
> On 09/23/2016 11:30 AM, Seth Mattinen wrote:
> > On 9/23/16 10:58, Grant Ridder wrote:
> > > Didn't realize Akamai kicked out or disabled customers
> > > http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
> >
On Fri, 23 Sep 2016, jim deleskie wrote:
> They were hosting him for free, and like insurance, I can assure you if you
> are consistently using a service, and not covering the costs of that
> service you won't be a client for long. This is the basis for AUP/client
> contracts and have been going
On 09/23/2016 11:30 AM, Seth Mattinen wrote:
On 9/23/16 10:58, Grant Ridder wrote:
Didn't realize Akamai kicked out or disabled customers
http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
"Security blog Krebs on Security has been take
On 9/23/16 10:58, Grant Ridder wrote:
Didn't realize Akamai kicked out or disabled customers
http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
"Security blog Krebs on Security has been taken offline by host Akamai
Technologies following a D
Well, there’s always Cloudflare and Google that are willing to do it for free.
Let’s hope we won’t run out of free providers any time soon.. It’s a nice blog.
> On 23 Sep 2016, at 20:58, Grant Ridder wrote:
>
> Didn't realize Akamai kicked out or disabled customers
> http://www.zdnet.com/artic
My gigabit pipe was also DDOS attacked the same day my name appeared in Brian’s
story.
-mel
> On Sep 23, 2016, at 11:02 AM, Alex Wacker wrote:
>
> To be fair, he was getting the service for free. I wouldn’t really call
> that a paying customer. Still not great from a PR standpoint though.
>
While we are on topic of DDOS, it looks like it's quite a storm now.
According to this WHT post [1], some large server providers were
recently attacked, and many are still being attacked with quite a large
bandwidth, ie 1Tbps attacks against OVH. [2], [3]
Regards,
Filip
[1] http://www.webh
On Fri, Sep 23, 2016 at 2:58 PM, Grant Ridder
wrote:
> Didn't realize Akamai kicked out or disabled customers
> http://www.zdnet.com/article/krebs-on-security-booted-off-
> akamai-network-after-ddos-attack-proves-pricey/
>
> "Security blog Krebs on Security has been taken offline by host Akamai
>
They were hosting him for free, and like insurance, I can assure you if you
are consistently using a service, and not covering the costs of that
service you won't be a client for long. This is the basis for AUP/client
contracts and have been going back to the days when we all offered only
dialup i
On Sep 23, 2016, at 1:58 PM, Grant Ridder wrote:
>
> Didn't realize Akamai kicked out or disabled customers
> http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
>
> "Security blog Krebs on Security has been taken offline by host Akamai
> Tec
If you read the article, it is made clear he was "kicked off" of a free service
being provided. He was not a paying customer of Akamai and does not fault
Akamai for their decision.
From: Grant Ridder [shortdudey...@gmail.com]
Sent: Friday, September 23,
On Fri Sep 23, 2016 at 10:58:44AM -0700, Grant Ridder wrote:
> Didn't realize Akamai kicked out or disabled customers
They didn't - Krebs has publicly stated that Akamai were providing services
"Pro Bono" - and I guess the goodwill ran out :)
Simon
To be fair, he was getting the service for free. I wouldn’t really call
that a paying customer. Still not great from a PR standpoint though.
--
Alex Wacker
On September 23, 2016 at 2:00:10 PM, Grant Ridder (shortdudey...@gmail.com)
wrote:
Didn't realize Akamai kicked out or disabled customers
I believe the article says they were being hosted for free.
-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
Midwest-IX
http://www.midwest-ix.com
- Original Message -
From: "Grant Ridder"
To: nanog@nanog.org
Sent: Friday, September 23, 2016 12:58:44
Once upon a time, Grant Ridder said:
> Didn't realize Akamai kicked out or disabled customers
Any business is likely to kick out customers that cost them much more
than they are being paid (under relevant contract terms of course).
Since his blog was being hosted for free, it isn't surprising tha
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG,
SAFNOG, SdNOG, BJNOG, CaribNOG and the RIPE Routing WG.
Daily listings are sent to bgp-st...@lists.apnic.
Didn't realize Akamai kicked out or disabled customers
http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/
"Security blog Krebs on Security has been taken offline by host Akamai
Technologies following a DDoS attack which reached 665 Gbps in siz
On Fri, Sep 23, 2016 at 8:50 AM, Shawn L wrote:
> What are people using to manage / send their outage notifications?
Hi Shawn,
I've been very impressed lately with https://www.pagerduty.com/
Nice control of a staff rotation. Distribution to multiple groups
depending on area of responsibility. V
What are people using to manage / send their outage notifications? We're
currently using a mostly manual process to identify customers that need to be
aware of an outage and send out e-mail at $dayjob. Looking for a way to
automate it more. I'd prefer something open source, but that's not a
On Thu, Sep 22, 2016 at 02:31:12PM +0200, Alexander Maassen wrote:
> Maybe its time then for a global accepted, unified way to send/report abuse???
There are -- see Valdis's followup.
But there's still no viable substitute for a working abuse@ address
with clueful eyeballs on the other side of it
On Mon, Sep 19, 2016 at 09:55:56PM +0200, Florian Weimer wrote:
> Github users create several orders of magnitude more SSH connections
> [snip]
Ah. I didn't know that. Thanks!
> Sure, and people already do this, and are not very flexible about it.
> Support staff isn't briefed, and claim they d
35 matches
Mail list logo
