Slashdot Mirror
Largest DDoS In History Reaches 300 Billion Bits Per Second
An anonymous reader writes "The NYT is reporting that the Largest DDoS in history reached 300 Gbps. The dispute started when the spam-fighting group Spamhaus added the Dutch company Cyberbunker to its blacklist, which is used by e-mail providers to weed out spam. Millions of ordinary Internet users have experienced delays in services like Netflix or could not reach a particular Web site for a short time. Dutch authorities and the police have made several attempts to enter the bunker by force but failed to do so. The attacks were first mentioned publicly last week by Cloudflare, an Internet security firm in Silicon Valley that was trying to defend against the attacks and as a result became a target."
The dispute started when the spam-fighting group, called Spamhaus, added the Dutch company Cyberbunker to its blacklist, which is used by e-mail providers to weed out spam.
I think what they meant to say here was: "The dispute started when the spam-fighting group Spamhaus, which maintains a blacklist used by e-mail providers to weed out spam, added the Dutch company Cyberbunker to its blacklist."
Your political party doesn't care about your rights and only represents corporate interests.
The summary makes it sound like the Cyberbunker is a physical location. If so, a wire cutter should cut off it's access to the inter webs.
Guess what.. If they ever find out who is responsible: I'll bet you $10 that it will be a 15 year old without friends.
I'm not a complete idiot... Some parts are missing.
“These things are essentially like nuclear bombs,” said Matthew Prince, chief executive of CloudFlare. “It’s so easy to cause so much damage.”
relax dude, its just spam, not nuclear warfare. shut the computer off and go outside for a couple of hours.
WARNING: if you attempt to RTFA, you will also be bombarded by a DDOS of spam ads. I appreciate the realism but it's kinda annoying.
I find it very interesting that they are using a variation on the Old Smurf attacks for this. Sending a message to other places that work as an amplifier. You would think that after 10 years we would have learned that blind, unchecked, forwarding is not a good thing.
Papa Legba come and open the gate
Cutting their communication lines was the first thing I thought of too. Then cutting their power lines. I may not have enough cofee in me to calm me down this morning but visions of the Dirty Dozen dumping fuel and grenades into their bunker came to mind. }:D
With an operator no doubt facilitating illegal actions of their customers, and refusing to no doubt enfore court orders to disconnect their customers for said actions, couldn't a case be made to disconnect them from THEIR upstream providers because they are now acting illegally but not following court orders, presuming that their upstream providers follow court orders, and the upstream upstream until you get to a legitimate entity. It seems quite an shortcoming of the law that they can act with impunity while allowing their customers to bring down the very fabric of the world wide web.
From TFA:
In other words: Cyberbunker is not currently under assault by police, and we have only their word that they ever have been. I suspect that at one time they were successful in having visiting cops think nobody was home by being real quiet and quickly turning off all the lights.
From TFA:
Cyberbunker brags on its Web site that it has been a frequent target of law enforcement because of its “many controversial customers.” The company claims that at one point it fended off a Dutch SWAT team.
The only mention of "Dutch authorities and police" comes from the Cyberbunker company itself. The article is badly written, so it's not completely clear (from the context) whether or this claim is related to the current dDOS the company is running. The writer doesn't appear to have talked to anyone in Holland - except perhaps the self-styled spokesman for Cyberpunker.
#DeleteChrome
From the article it suggests that the company was able to defend against there SWAT... can anyone that is fluent in Dutch find an article on that? I've tried looking for it in english but have had no luck. Sounds like quite the story.
Still not sure why authorities didn't break out the fiber seeking backhoe to solve this problem if that company is legitimately holed up in what sounds like a minor siege.
Who'd they piss off?
Spamhaus must be costing somebody (or some people) a LOT of money to draw such a massive attack.
I admire their balls -- Spamhaus are fighting serious and organised criminals, people who are perfectly capable of raping and murdering folks who get in their way. It wasn't so long ago that the Russian mafia targeted a Russian security specialist by kidnapping his daughter, raping her, injecting her with heroin and selling her into slavery.
They are not very nice people at all, and shouldn't be fucked around with. Picking fights with organised criminals should be left to law enforcement.
So where is the evidence that Cyberbunker has anything to do with this?
I appreciate the things the Spamhaus people do, but they don't exactly have a spotless record when it comes to accurately pointing fingers.
While the bunker itself is designed to withstand a nuclear blast, the doors are the weak point.
A thermal lance can cut through the door while also able to make a nice hold in the concrete walls into which explosives of various types can be implanted.
As others have said, cut the communication and electrical lines and let them fend for themselves. They may have food and fuel, but they can't last forever.
On second thought, cut the electricity and communication, then pile tons of rubble in front of the doors to prevent them from coming out once they exhaust their supplies.
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
The bunker is was designed to survive a nuclear war. I wouldn't be surprised if they have considerable fuel reserves.
http://bbc.co.uk/news/technology-21954636
No b/s subscription paywall nonsense
Well, I'd assume to be online they're probably going to have some sort of fiber-optic connection. Even if it's redundant, it's going to plug into the greater infrastructure somewhere and it shouldn't be *too* hard to sever if the police really had a mind to do so.
From TFA:
“Nobody ever deputized Spamhaus to determine what goes and does not go on the Internet,” Mr. Kamphuis said. “They worked themselves into that position by pretending to fight spam.”
I'd rather not have to consult Spamhaus blacklists on my mail servers to block incoming email. I know that if I removed it my bandwidth would be clogged and the amount of work done by my servers to deal with spam would increase many fold. So I use Spamhaus blacklists and it makes me feel dirty. It's the wrong solution to the problem of spam. Surely we should be able to come up with something better.
Spamhaus has been going for 15 years. Look at the other technological advances in that time why don't we have an effective, agreed upon, resolution to the problem of spam? Perhaps the best thing would be for Spamhaus to shut up shop, to stop providing the DNS lists. For mail servers to stop filtering and marking the spam. Let the size of the problem manifest itself. Perhaps then we will get a concerted effort to stop it rather than mitigate the impact.
You may think me a tired, old, cynic. I'd have to disagree about the tired bit.
IF its a DDOS, then losing control of the stupid little robots will not make it stop, they will just be unstoppable. If you want to prevent DDOS, then you need to force ISPs to perform egress filtering of source addresses that are outside of their network. And also implement a choke protocol to inform the ISPs that they have a bad actor on their network.
That can't last real long even if they have generators and they can easily do it from outside.
Except the part where the bunker was designed to be able to last 10 years on its own in the case of war? I'm pretty sure they can last quite a long time.
The real question is: what authority did the police have when they attempted entry? If they are just going to execute a search warrant, they can break down the door but they are not authorized (or equipped) to blow it up. They are certainly not authorized to just cut off power or comms to a place of business in case of an ordinary house search. That however could change now that they are involved in a large (and most certainly illegal) DDOS attack. It is not certain when they'll go offline, but this could well spell the end of Cyberbunker, and if they are proven to be behind this attack, some people will be facing criminal charges and jail time as well.
I doubt very much that "authorities have made several attempts to enter". A quick search turns up no references to any such attempt except on the Cyberbunker site. That picture doesn't show SWAT but ordinary riot police, used to evict squatters or quell riots, or (in rare cases) when doing large scale house searches where real crowd control trouble is expected (like in gypsy / Roma campsites). They have no reason to be here... perhaps they where on exercise or got sent to the wrong address. Authorities have made several requests for search warrants, and some of those were turned down. The rest appears to be just bluster from Cyberbunker.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
Cut the power and wait them out. Time is on the authorities side. It would also seem to me that all theses spammers are getting a lot of money but not paying any taxes why cant the IRS of all countrys weed them out that's how they ultimately brought down the Mob.
Jack of all trades,master of none
What this is really a case off is an asswipe getting away in civilized society with being an asswipe because the rest of us aren't asswipes.
Yeah, but enough about Spamhaus. Seriously, this crap couldn't have happened to a better group of passive-aggressive assholes. I'm glad that they're finally getting a taste of their own medicine, even if it is coming from an equally disreputable group.
...Dutch company Cyberbunker... Dutch authorities and the police have made several attempts to enter the bunker by force.
Perhaps I'm not understanding this quite right; from the sound of it, it would seem the cops might be running the wrong client... :p
Cyberbunker has an allotment of IP addresses.
What's to stop the targets, and everyone else from simply DROPping their packets at the firewall? Someone up there said that all we really have to do is cut their connection to the 'net. It doesn't have to be a physical disconnection.
DDoS is censorship. The Internet is supposed to route around it.
--
BMO
Dutch authorities and the police have made several attempts to enter the bunker by force but failed to do so.
Cut off their electricity. That can't last real long even if they have generators and they can easily do it from outside. How stupid are they? "Ok guys, let's just give up and go home. The door is really thick." What a bunch of morons.
Ummm... cyberbunker's general FAQ, last one reads:
Yes, there are several cyberbunkers located in various countries
Questions raise, answers kill. Raise questions to stay alive.
What the one story for which the robotroll subject is on-topic and it doesn't get first post? BTW: Screw the OP.
That group of bovine standing over there appears quite portentous. That's right it's an ominous cow herd.
Looking around it seems there are some people upset with spamhaus. Like these guys at StopHaus. Not exactly sure what their beef is:
http://stophaus.com/entry.php?5-The-Real-story-on-the-New-York-Times-Article-and-all-the-SPAMHAUS-stuff
are you concerned about law enforcement?
ddos attacks have always been around
i'd say spamhaus should be concerned about law enforcement
I dunno if they're admitting responsibility, but if they are responsible, they're in serious trouble.
When I think of SWAT teams in the US, I think of a paramilitary kind of force.
Even at the city level, the Minneapolis SWAT team wears military gear, carries full-auto submachine guns and assault rifles and has access to all the usual cop assault tools like tear gas and flash bang grenades. I don't think the locals get into stuff like explosives (grenades, shape charges, etc).
But at the federal level I would think there wouldn't be a whole lot unavailable, including serious breaching tools including shaped charges or cutting lances.
That will take care of them.
10 years on a "normal" use of the bunker (some lights, some computers...). Not has a datacenter using gobs of KWH for the servers.
They have no reason to be here... perhaps they where on exercise or got sent to the wrong address.
The police have no reason to be where? All I've seen a picture of police. An actual photograph, taken from human height not security camera height, not any sort of security camera still. Please note that during this raid they claim to have been asleep, so who the fuck was out there taking pictures?
Ah, yes, there was a 'reporter'. It's interesting how the only picture that the reporter got was a completely context-less photograph instead of them attempting to take down the door. And God only knows how CyberBunker is supposed to have gotten hold of this picture.
Incidentally, armed police do not sneak onto someone's property without a warrant, especially not by breaking through fences. And police officers with warrants do not just randomly walk away when they cannot get in.
If corporations are people, aren't stockholders guilty of slavery?
The walls are built to withstand a nuclear strike, but how about cutting a hole in the walls with a thermal lance? Or maybe just get a few truckloads of bacon: http://www.popsci.com/bacon
No, he probably just wants the British out of India.
!#@%*)anks for hanging up the phone, dear.
Yes, but they're prisoners in their own facility. "We will tell LEOs to GTFO!" is fine until you realise that those same LEOs are preventing your shift change, and you forgot to pack 80 extra pairs of skivvies this morning in case you happen to be "on shift" until the bunker doors are unsealed.
The Russian Wikipedia page states it has water and fuel for 10 years. I give them 10 days before cabin fever sets in.
Finally had enough. Come see us over at https://soylentnews.org/
As others have pointed out, the facility probably has self-sufficiency measured in years.
And even if not, "cutting off the head" doesn't kill the beast. This is a distributed denial-of-service attack. The packet floods don't originate in the bunker. The botnet command-and-control is probably not in the bunker either. And even if it were, cutting it off would mean that the DDOS would continue indefinitely*, because you've removed the only "off" switch in the system.
*"indefinitely" until whitehats locate and crack the C&C network and order the botnet to stop. But that can take a long time. It happens infrequently enough that when it does, it's a huge triumph and a massive trophy. Press releases for everyone!
So, yeah. Not gonna help the DDOS. Maybe it'll accomplish Spamhaus' objective of blackholing them, but at this point I think that's Pyrrhic.
Welcome to the Panopticon. Used to be a prison, now it's your home.
It was meant to function 10 years as a fully-functional NATO command center. Thay would definitely use gobs of power running it.
Congratulations. You're now worse than they are.
"Is it true that there are rabbits around the bunker?" It totally looks like an early April 1st joke to me.
...take off and nuke 'em from orbit. It's the only way to me sure.
It would only hold up for ten years if it was not surrounded and under sustained attack. Yes, it could possibly take a glancing hit from a nuke, but no, it would not stand up very long to some guys with drills and normal demolition charges who had the time to simply drill, demolish or undermine the complex. It would only serve as a fortress hard point if the people inside were armed and there was some hope that allied forces could relieve them in a reasonable amount of time.
And of course, as a way of protecting a connection to the Internet, the building is singularly useless. Even if you didn't just cut the wires, the IP ranges could probably be identified and removed from routing tables in a relatively trivial amount of time. The reason the cops did not simply do this is that they probably just wanted to collect evidence. If they were trying to actually put them out of business, as opposed to just messily collecting evidence, they'd need a specific court order to take that sort of action, and they wouldn't just "give up".
Still, there are some very viable uses for such a bunker. Such a bunker could easily slow down the cops enough to make it possible to destroy incriminating data, or apparently in this case, thwart a raid that was not meant to garner a lot of public attention.
Make no mistake, though, if they *really* wanted in, they could breach in a lot less than ten years. They'd just need to hire some contractors or call the military.
This whole idea that they're impregnable is nonsense. There are cutting tools that will go through blast doors and concrete, and you can be sure that a determined SWAT team has access to them.
"Designed for nuclear war" doesnt mean you can just sit inside and not defend the premises as a demolition team goes to work on it, it just means it has some degree of resistance to a nuclear blast.
I second this. I loathe these guys. I've had more pains in the arse with them because they blacklist IP ranges and never bother to retest. A pox on both their houses, I say.
The world's burning. Moped Jesus spotted on I50. Details at 11.
It may not stop the DDOS directly, but the threat of putting Cyberbunker entirely out of business probably would have some impact. There are worse things than being listed on the Blacklist. This DDOS is extremely short-sighted.
Kythe
The different lists published by Spamhaus distinguish whether the IPs are directly responsible or are organizationally related. There is no abuse of power here — customers subscribe to the lists that they want, and use those lists to block as they see fit. Spamhaus isn't forcing anyone to use the lists, nor is it misrepresenting what's in the lists.
5 meters of concrete? They could do it, sure, but it would take some time.
The dispute started when the spam-fighting group Spamhaus added the Dutch company Cyberbunker to its blacklist, which is used by e-mail providers to weed out spam.
Which of the two is "which" supposed to refer to?
systemd is Roko's Basilisk.
A movie about an evil data center housed in a thermonuclear bunker attacking the internet in revenge for a slight? Yeah, I would probably watch that movie. Especially if they called in The Joes. And Scarlett Johansson.
"He's using a quantum encryption scheme! That'll take hours to break!"
There are drilling machines that will bore railroad tunnels and 4-lane highways through granite.
The problem is for a bunker like this that whilst yes it's designed to be able to be self sufficient for 10 years, it's also designed that way with the assumption that the surrounding area will be uninhabitable/free of threats. They're specifically designed that a nuke or two goes off outside and that's it.
What they're not designed against is someone able to stand around using a thermal lance, and/or repeated shaped charges and so forth because they were built under the assumption that if "outside" was safe enough to stand around doing that, then there'd be no real need to be bunkered up in the first place.
Effectively whilst yes they're self sufficient, yes they retain structural integrity in the face of a nuclear blast or two, no, they're not invulnerable against persistent targeted close range attacks with specialised equipment.
If the authorities can find reason to get in, and really really want to get in, they can.
Police don't, as a general rule, have a good handle on the Internet. Yes the correct answer is to just cut off the access to this location. Cut the Internet off, they are done. This wouldn't be hard to do, but you have to know to do it and go and look and see who you have to talk to.
Of course it all sounds a little ridiculous given the "we can't get in to the bunker" thing. That is just them claiming it. In the real world, the police would probably get in fairly fast. I know that people think nuclear bunkers are impenetrable but they really aren't. They can deal with a nuclear blast, which is just an overpressure of so many PSI for so many seconds, not some dude with a cutting torch or shaped charges on the door.
The police don't just go away. They have time and numbers on their side. Supposing these guys did hole up in their bunker and refuse entry, and supposing the police weren't willing to force (shaped charges will take out a bunker door no problem) it either because they were worried about hurting someone on the inside or worried the people inside were armed, they can just wait. All they have to do is cut all services, and set up a perimeter to block access in and out. Then just wait. They'll run out of supplies, probably sooner rather than later, and hunger and thirst are excellent motivators to surrender.
So no, they didn't "fend off" a SWAT team. Maybe one time the police came and wanted to look around, but lacked a warrant and they said "go away" and so the police did (more likely the whole story is bullshit) but that's it. Had the police really wanted in, they would have gotten in.
Unless, of course, the door was forged in the fires of mount doom, hotter than any nuclear fire. They had to make it with normal levels of heat (I don't remember a nuclear bomb powered forge).
These structures are designed to survive a brute force attack of overpressure and heat over a wide area. To do that, they are constructed and reinforced to be very strong at the most likely angles of attack. That does not prevent a targeted attack on weak spots from undermining the structure, or alternately a concentration of energy/force on a much, much smaller surface area that can punch through.
So, yes, you're not going to incinerate the building or ram down the door, but you certainly could drill holes into the concrete and start blasting. Use of specialized equipment by the opposition is usually prevented by the little army men with the machine gun emplacements when the bunker is under military control. Unopposed, the building is just an obstacle that can be overcome at weak points.
Your post advocates a
( ) technical (*) legislative (*) market-based (*) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
(*) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
(*) Users of email will not put up with it
(*) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(*) Requires immediate total cooperation from everybody at once
(*) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
(*) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(*) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(*) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
(*) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(*) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
(*) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
( ) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
(*) Nice try, assh0le! I'm going to find out where you live and burn your house down!
1266953+17
Thank you for that calm, insightful and reasoned comment.
Agreed. I personally think they should be tortured to death however.
Well the OP didn't where -where- on the body they should be shot..
Honestly, what is the problem with the sentence as written? Look at it:
The dispute started when the spam-fighting group, called Spamhaus, added the Dutch company Cyberbunker to its blacklist, which is used by e-mail providers to weed out spam.
It's totally clear that the phrase "which is used by e-mail providers to weed out spam" is referring to "blacklist" which immediately precedes it, there's really no other way to parse the sentence that makes sense. The only true ambiguity I see in the sentence is the "its," which could conceivably be meant to refer to Cyberbunker rather than Spamhaus. Just to be clear, I am not any kind of an expert on grammar, but I do read a lot and it seems to me if we're going to be that picky about these kind of things there are innumerable examples of much worse sentence construction to be found - and that's just looking at Slashdot summaries.
Seeing how this is a DNS reflection attack, getting rid of open DNS resolvers would be a good long term solution. I'm not holding my breath though.
It gripped her hand gently. 'Regret is for humans,' it said.
Dude, you don't start by physically attacking them, no matter how macho they're trying to appear. If they're causing problems for the rest of the Internet, you get their upstream ISPs to stop accepting traffic from them (or at minimum, to stop accepting spoofed traffic from them.) They probably have contractual terms that they're violating, in which case their upstreams should be willing to cut them off directly, or if not, you sue them and get a court to order them disconnected.
Furthermore, they're not located in the US, they're located in the Netherlands, which is a democracy. There are legal procedures and due process, and you're not allowed to physically attack them without getting them convicted first. If they're criminals, fine, they can deal with that, but it's likely that any "crimes" they've committed are at most torts or civil offenses, not violent crimes. (I was going to say "it's not like they're pirating Disney movies or something", but they probably are :-)
They're a business, not a terrorist group or armed militia. They're in it for the money. If the money's not there, they're just sitting in a bunker not having fun. The owners might be grumpy about it, but the employees aren't going to stick around if they're not getting paid.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
It's just business. You don't need to bust your way in, you can wait for the employees to come out. If they're not getting paid, they're not going to stick around long, and if the company doesn't have the internet connection, all a bunker does is provide some macho flash and maybe keep their air conditioning costs low, which doesn't help much.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
You don't need to bust your way in through the big macho doors, and you don't need a thermal lance to cut through them when you can just glue them shut or park a truck in front of the doors. If the upstream ISPs cut them off, they're not making any money, and if the bosses aren't paying the employees, the employees aren't going to stick around, and they're not going to shoot their way out.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
These bunkers are made to keep big fast explosions out, and protect the people inside from dangerous radiation outside (assuming they've brought enough food, and keep the equipment running even if external power fails. Sure, they may not be designed to protect against engineers with thermal lances cutting their way in slowly, but they're also not designed to protect the people inside from being stuck there if they do want to leave. If you cut off the employees' paychecks, they're not going to hang around forever, and they're not going to shoot their way out. A Dutch approach would be to have a cop sitting outside with a thermos of coffee and maybe a few packs of cigarettes, politely waiting for them to leave, though you could park a truck in front of the doors or weld them shut and wait for the employees to ask really nicely if you'd please let them out.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
It's only self-sustaining for 10 years if they've stocked it for that long and don't care about making money, which militaries of nuclear powers generally don't. But their threat model is nuclear war and maybe blitzkrieg, not slow attacks; these things were built long after the Maginot line.
It's a business. The employees are there for money and fun. It's probably stocked with enough fuel for a couple weeks worth of power outages, and enough food, beer, and weed to get them through a long snowstorm. But they don't have that many upstream internet providers, and if those stop providing bandwidth, the money stops flowing, the bosses stop paying the employees, the employees stop having fun.
At that point, you don't need a SWAT team, you need a cop with a thermos full of coffee by the front entrance and maybe another by the secret back door. And since this is the Netherlands and not the US, the cops can put an extra lock on the employees' bikes with a note saying that they'll unlock them in return for some paperwork. Much easier than towing their cars away from the parking lot.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
APK, is that you? /. account !?
You registered a
Unfortunately, too many DNS configurations can be used for amplification, because the responses are larger than the queries, especially if you've got new and interesting record types like DNSSEC, and too many ISPs still ignore the Best Current Practices #38 recommendation on blocking spoofed traffic. RPF is your friend.
There's some mitigation out there because the bigger response record types don't always fit in a single UDP packet, so DNS servers may handle them over TCP (which is harder to forge), and many DNS providers limit who they'll accept requests from, but there's still a lot of sloppy DNS administration out there.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I hadn't known that there'd been a previous Cyberbunker company.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
The employees are there to make money and have fun. If a court orders their upstream providers to cut off internet access to the company, the company's customers stop paying them money. If the money goes away, the bosses stop paying the employees, the employees stop getting paid and having fun, and they'll leave. They're not an ideologically motivated terrorist army or a bunch of actual pirates who'll fight their way out with cutlasses and cannons, they're a bunch of regular dudes. You don't have to starve them out or send ninjas in after them.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
They've occasionally made a mistake over the years, but targets of mistakes respond by contacting Spamhaus directly or at most using lawsuits, not by launching massive DDOS attacks. And most of the lawsuits and whining in the press come from ISPs who deserve to be blacklisted.
The reason Spamhaus has a good reputation is that they're very careful, and very conservative, and don't go blacklisting people at random or because of petty vendettas or making themselves hard to contact, like SORBS used to. The original MAPS RBL occasionally escalated by blacklisting whole ISPs when they wouldn't address problem customers; the ISP I was using back in the mid-90s got listed by them briefly, but responded reasonably well considering that they'd been hit in the face with a 2x4, and both sides became more professional as a result.
I haven't looked at the DNS RBL market in a few years, but Spamhaus is the only one that I'd consider using to actually block traffic (plus some geo-location lists, since I really don't need to get email from Nigeria or Korea.) It's possible that there are some other RBLs today that are as good, but I didn't trust most of the others for anything other than SpamAssassin weighting or maybe greylisting.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
The "which" refers to the obvious antecedent, "its blacklist". Spamhaus is the target, Cyberbunker is a hosting provider (more or less), and while nobody's directly proven that Cyberbunker is doing the attack, it's pretty clear that they or their customers or owners are involved.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I agree, but I don't know why you wrote this as a reply to my post.
The Russian Wikipedia page states it has water and fuel for 10 years. I give them 10 days before cabin fever sets in.
Bet they've got enough porn to last more than 10 days.
Lotion? Not so sure.
Watch this Heartland Institute video
As others have pointed out, the facility probably has self-sufficiency measured in years.
Nah, bollocks.
If it was to be used as a centre of government then maybe months, otherwise weeks or days.
Years is pure fantasy.
Watch this Heartland Institute video
whether it is because of Slashdotters or ... i dont know
Insight into much, Influence over nothing !
http://www.guardian.co.uk/technology/shortcuts/2013/mar/28/spamhaus-internet-attack-pr-stunt
Go to Heaven for the climate, Hell for the company -- Mark Twain
If the government really wanted to stop them, after SWAT failure, they could block their payment pathways. It might not stop the generators from powering the servers, but it would focus the attention of those who benefit financially from the activity. ... in a mirror.
--
I have seen evil