digg

Facebook Connect Join Digg About
See the original image at news.cnet.com

Study: DDoS attacks threaten ISP infrastructure

news.cnet.com Arbor Networks finds that DDoS attack sizes doubled last year and were more diverse in nature, taxing the IT security resources at most Internet carriers.

Who dugg this? Made popular Nov 12, 2008

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

50 Comments

show profanity settings
expand all
  • braincrust, on 11/12/2008, -1/+21Wow. A company that makes Anti-DDOS gear discovered that, based on a sample size of 70 people surveyed, there is a need for Anti-DDOS gear. Stop the presses. This is huge.
  • cyrusuncc, on 11/12/2008, -4/+24Lets attack the source of the problem instead of treating the symptoms. The source is stupid people clicking on/downloading/installing things they should not do and get added to a botnet. Perhaps a competency test before being allowed access to the Internet?
  • muppethouse, on 11/12/2008, -1/+15I happen to work at a tier-1 ISP on DDoS systems and I call shenanigans. The Arbor survey results do not reflect my view of reality. I believe they are taking the highest number reported in their survey and slapping that on this graph for impact. As a seller of DDoS detection and mitigation software they have every incentive to portray the problem as being very large. 40Gb/s would saturate an OC-768, that is enough to take down most / all tier-1 ISPs - not to mention that I doubt Arbor sells a product at any price that could filter 40Gb/s of attack traffic to a single destination. Unless a potential DDoS target has an OC-768 connection this would be wasteful overkill for an attacker.
  • frmatc, on 11/12/2008, -1/+11This seems rather coincidental. I could graph the total DDoS attacks since 1900 and the "sudden" spike in the last decade would also no doubt be very disturbing.

    I'd be curious to see a comparison graph of total bandwidth in the same infrastructure and how much of that is available to the average user.
  • muppethouse, on 11/12/2008, -3/+12If you find a way to solve the "stupid people" problem you may be in line for a Nobel Prize. I believe that homogeneity in operating systems turns malicious software into a viable business model. If everyone were not running Windows XP and Internet Explorer would we still have the same issue?
  • PresidentSoup, on 11/12/2008, -0/+7it's probably just all the *chan wars goin on. this is why we can't have nice things.
  • frostbit3, on 11/12/2008, -0/+7No *****, What's next, someone's going to show me a study that glass windows are at risk when rocks are thrown at it...

  • NexusV2, on 11/12/2008, -4/+11I bet it's all the script kiddies showing off to their friends.
  • benologist, on 11/12/2008, -0/+4Don't forget that they also discovered that DDoS attacks which are generally supposed to bring down networks.... threaten networks!!
  • smotpoker, on 11/12/2008, -0/+3The solution is simple. ISPs clearly do not wish to implement any such solution because it will cost them money.

    NIDS+SNMP+TOS enforcement.

    It is not hard to detect and verify worm or ddos activity, nor is it hard to filter. ISPs simply refuse to do anything to restrict it until it reaches a point where traffic from a specific connection becomes a liability (typically, until they receive complaints regarding a specific IP). They do not hold people accountable for negligence (being an unwitting ddos drone) because there are so many it might affect their profit margins.

    Rather than deal with individual connections, though it could be [almost] entirely automated, they prefer to deploy blanket policies/"solutions" that impact/punish all users (p2p throttling, port filtering, etc) rather than those who are an actual problem.
  • JesseJ, on 11/13/2008, -0/+2I think that the people who are behind DDoS attacks.. when they are caught, I think they should be burned alive (slowly) and the burning should be on youtube and in HD as an torrent. That could be a nice warning. Same thing for spammers.


    Ah yeah well.. ahum.. if it is not used against something like scientology.. then it is ok.
  • smotpoker, on 11/12/2008, -0/+2The "stupid people" problem is really more of a "lazy/greedy people" problem. We cultivate a culture of ignorance, which tech companies/professionals choose to facilitate and exploit for profit rather than confront it logically.

    Larger companies simply do not care about quality or protection for their customers if there is the slightest chance it could lower profit margins. They are focused strictly on increasing profit margins by getting/keeping customers and increasing prices
  • jcaino, on 11/12/2008, -0/+2Not to mention that many of these zombie boxes are also used as spam relays as well. The ISPs could easily stop this, they just don't want to deal with the fallout. You think Comcast honestly wants to pony-up to pay techs to confirm that someone's computer is now 'clean?' Heck no, even though they probably could find a way to gouge the customer for this additional service, as they're quite proficient at that.
  • YodaJones, on 11/12/2008, -0/+2Run Linux. Problem solved.
  • 3Den, on 11/12/2008, -2/+4IT's not. It's people extorting money out of other businesses.
  • jrattner1, on 11/12/2008, -0/+2Agreed, online extortion is at an all time high.
  • pintomp3, on 11/12/2008, -2/+4correlation != causation. if anything you proved his point. clicking and installing stuff from untrustworthy sources tend to get you infected. the bait could be pirated software, picture of naked girls, or protecting your bank account.
  • misilman, on 11/12/2008, -0/+2LOIC FTW!!
  • cesar33, on 11/12/2008, -0/+2I think this has already been studied. Why is this news?
  • cyrusuncc, on 11/12/2008, -0/+2I'm sure their opinion is totally objective
  • wshs, on 11/14/2008, -0/+1@BaK1
    Actually, most spam originates from the United States, and is relayed through China and Korea, as evidenced by the 40%+ drop in spam worldwide after the shutdown of a single company, US based McColo. Prior to that, spam also took a noticeable dip after Alan Ralsky, an American, was arrested and had his equipment seized.
  • sexybobo, on 11/12/2008, -0/+1What i was saying though is steam a person paying for there internet connection was using 70Gb/s it is nothing compared to the through put of a large isp. Also the 40Gb/s is the amount of data being generated not the amount of data going across the network the majority of the DDOS traffic gets killed by the isp as soon as it hits their networks.
  • inactive, on 11/12/2008, -0/+1I think if they wanted to ISPs could trivially both detect and instantly cut off all 0wn3d computers, and they don't because they LIKE THE MONEY sent in by grandparents on AOL who literally will click on ANY url that hits their inboxes. Detecting this ***** CAN'T be that hard now, either, but now the ISPs hopefully have a bit more motivation to FINALLY do something, even if it pisses off granny & gramps. I think this process could have been speeded up if some of the useless lawyers lying around this country would have sued some of these deliberately-ignorant ISPs. The anti-DDOS business is huge, but the place to stop it is at the ISP, which can block its own individual customers if they everinhell get motivation. IMO.
  • antiver, on 11/12/2008, -0/+1Yarr, I thought we gents be the greatest, grandest threat to ISP infrastructure..?
  • Tarnum, on 11/12/2008, -0/+1You said it: They need the money from the mom&pop users.
    It's not hard for the ISPs to implement egress filtering, but most of them don't care. The thing is, most DDoS victims are shady businesses – off-shore casinos, online pharmacies, spam-friendly ISPs, etc., so nobody cares that much about them.
  • bratterscain, on 11/12/2008, -0/+1pintomp3, yes, I just stated that.

    mhmandthen, if you knew anything about viruses, you'd know how easy they are to fake and how many false positives show up sometimes. There's also not much sense in telling me what to do to download warez that don't have viruses as I don't download warez. And if you think that's all there is to avoiding them, you're missing a lot.
  • cyrusuncc, on 11/12/2008, -0/+1Perhaps someone could develop an Internet simulation where the user is required to go to various sites, and is randomly given popups. Some would have flashing backgrounds telling them they are a winner, and others asking the user to install some activex control in order to continue, etc... If the user follows through on any of these they fail.
  • mhmandthen, on 11/12/2008, -3/+4That's why you only download from the reputable torrent sources. And it's also why there is a section on almost every torrent site called "COMMENTS" where people can discuss whether or not a certain file has a virus.
  • r3bol, on 11/12/2008, -1/+2as long as you're attacking the COS, its ok.
  • ultraseamus, on 11/12/2008, -0/+1A sad realization I came to recently is that, the nonsense charges they want to implement for going over set internet usage would probably actually be an effective tool against DOS attacks.
  • Andrwmorph, on 11/12/2008, -0/+1buffering...
  • JonForTheWin, on 11/12/2008, -0/+1If the FCC wasn't such a little bitch we'd have so much bandwidth we wouldn't have to worry about this sorta thing.
  • bigteebo, on 11/12/2008, -1/+2The biggest problem in 1900 that compared was "telegraph griefing". The hacker group "23 skidoo" claimed credit for the morse code based-attacks.
  • gazzerh, on 11/12/2008, -0/+1Ban Microsoft Windows machines from using the internet.

    Problem solved.
  • cyrusuncc, on 11/12/2008, -2/+2dugg for shenanigans
  • oninbonin, on 11/12/2008, -0/+0That's what they are saying though, is that if it doubles next year following this "trend" then they will be using 80Gb/s or more.
  • Wargala, on 11/12/2008, -0/+0Then the size of Digg users would go down dramatically.
  • smurfcheese, on 11/12/2008, -0/+0Anon is stirring. Soon, soon
  • diggfan75, on 02/20/2009, -0/+0I think A sad realization I came to recently is that, the nonsense charges they want to implement for going over set internet usage transport would probably actually be an effective transport tool against DOS attacks.
    http://www.abcourses.fr
  • pintomp3, on 11/12/2008, -2/+2my jerking has been jerky.
  • BaK1, on 11/12/2008, -0/+0most spam originates from china/korea. There are about 20 ISPs (out of tens of thousands) which are responsible for 40% of the spam. read "Understanding the Network-level Behavior of Spammers" from SIGCOMM 2006

    and ISPs DO implement DDoS protection for businesses because they make money off it (read the original report in the link). Maybe they have incentive not to stop the botnets because then DDoS protection would be meaningless...
  • PeterKT, on 03/29/2009, -0/+0For jobs in the Caribbean visit one of these useful sites
    http://www.caribbeanjobsonline.com http://livejobs.wordpress.com http://canouanisland.wordpress.com http://intjb.wordpress.com http://www.caribbeanjobs.blogspot.com http://monsterjobs.wordpress.com http://caribbeancareers.wordpress.com http://vickigreenaway.wordpress.com
  • inactive, on 11/12/2008, -0/+0Shake it but don't break it!
  • linksus, on 11/12/2008, -2/+1Then get a DDoS protection card.
    Cisco do these for large isp's to protect their infrastructure and they work well.
  • misilman, on 11/12/2008, -5/+4/b/?
  • anshuman, on 11/12/2008, -2/+1well. lets make this criminal and put guys behind bars. ( i know its criminal already but not much being done )
  • Fetching more discussions...
    Show 51 - 54 of 54 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.