Domain: arbor.net
Stories and comments across the archive that link to arbor.net.
Comments · 7
-
Re:Russia - cybercrime capital of the worldRussia - cybercrime capital of the world
According to the site mentioned in the article, Russia comes in at #17 in the attacks by country breakdown at the bottom of the page. It covers scanning, fingerprinted attacks, and DDoS attacks (no spam). The number 1 country is the good 'ole USA. We're #1! We're #1!
-
Re:US Leads the World In Malware Creation!?!
For a day to day assessment for the USA's position with regard to DoS attacks, botnets, phishing, and scanning, check out this page and look at the bottom chart. You can see the number one ranked country, ASN, and host for each category.
-
Blunt Marketing?
First of all, some more details about this project can be found here.
There is nothing new about the idea, in fact, it's long overdue. There is however something new in the idea having a practical implementation. The problem so far was that various network operators use very different hardware and software to monitor their networks (if at all..), thus, the idea of a 'fingerprint' may vary. Sharing becomes difficult.
By standarlizing on one platform (Arbor Networks PeakFlow SP), this becomes possible. All operators have the same device, which, coupled with this functionality, can finally bring this idea to life.
PeakFlow SP are Intel/OpenBSD boxes with additional Arbor software. They do however retail for 120,000$ per collector unit, and a collector unit can only proccess data from up to 5 devices (usually routers which export NetFlow formatted data). This is quite a steep entrance fee to pay for the pleasure; and many of the smaller players will never be able to afford this.
In fact, it's all not much more than clever marketing for overpriced Arbor devices; without the initiative, you can easily look toward other products (Cisco GuardXT, ex-Riverhead, many others). With the initiative, you now have a bit more of a reason to send $120,000 to Arbour.
Expect every security vendor to have a similar central fingerprinting repository soon. Non-compatible with one another, ofcoure.
-
Shonkey provider alert
The culprits are primarily unknown, but these sites were flooded beyond control from the attack.
'flooded beyond control' indeed - 'beyond control of the group monkeys pretending to be network administrators' might be a more accurate summary.
My advice is to get a better provider, one with Arbor's Peakflow or similar home grown solution in place, for example. -
Re:I'm not a very good network admin
I am a network engineer for a large ISP. When people ask me what we can do to prevent DDoS attacks I say the same thing. We've got pretty large pipes, so attacks of a couple hundred megs don't really affect any customers other than the intended. Even still, the only thing we can do is respond to the attack once it occurs.
The only effective prevention tool that I know of is available from a company called Arbor Networks. Unfortunately, the tools are very expensive and not really applicable for the individual user. -
Yes
-
Research paper
It's irritating how people don't even read the BBC quick-article, but for those who actually want to know what the researchers figured out: the paper is here; it's in Acrobat format, sigh.