Like Santa, DOS Does Not Take Christmas Off

January 5, 2009

Comments

January 6th, 2009 at 12:01pm

It also may be that they have nothing else to distract them on Christmas eve. No one else is online, so pings are low, game servers are empty, and news outlets aren't being updated. That leaves thousands of bored malicious teenagers looking for something to do.

January 17th, 2009 at 10:01am

This is really amazing, Cisco Guard, Cisco Anomaly Guard, i dont really know "How big" is the investment to create and maintain such structure, but i know for sure that 90% of Dedicated Servers Providers do NOT offer anything close to what SL offer us.
I am very happy to relay on SL´s protection , and even more happy to know that it really works !

January 18th, 2009 at 1:54pm

Attacks at 2+ Gbps.. that's insane!

Leave a Reply

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • You can enable syntax highlighting of source code with the following tags: <pre>, <blockcode>, <bash>, <c>, <cpp>, <drupal5>, <drupal6>, <java>, <javascript>, <php>, <python>, <ruby>. The supported tag styles are: <foo>, [foo].
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

One would think that on holidays, DOS attacks (Denial of service attacks) would be lower than usual. Historically speaking, holidays and major events such as the Super Bowl, traffic patterns and ticket activity are typically lower than usual. Based on that statistic, one might think that the number of DOS attacks, port scans, and general mischief / hacking would be down as well. Such is not the case unfortunately. Here during the joyful holidays, the Internet brings us yet another present… one of DOS attacks and HTTP floods. Below is a breakdown of DOS attacks greater than 500 Mbps or 100Kpps (packets per second):

12/23 – 8 attacks

12/24 – 6 attacks
12/25 – 12 attacks

12/26 – 7 attacks

12/27 – 8 attacks

Based on the information above, we can surely see that Christmas, the day of giving, has presented us with a variety of attacks to break down into detail. If we look at them based on time, we find the following:

3:45am – 1.64Gbps (1638.5Mbps)
12:20pm – 2.56Gbps

12:40pm – 2.56Gbps

1:20pm – 2.35Gbps

1:35pm – 193Kpps (193,000pps) 

2:10pm - 2.04Gbps 

2:20pm – 2.26Gbps

6:00pm – 186Kpps

6:20pm – 804Mbps

6:55pm – 552.9Mbps

7:11pm – 212Kpps

7:11pm – 578.8Mbps

DOS Attacks

One can deduct that this is due to the fact that the people initiating these attacks do not celebrate Christmas or have excess time on their hands because of their time off. They might also do this on a day that they think you are most vulnerable like a holiday or off- hours. Fortunately here at Softlayer we have an extensive automated DOS system comprised of multiple Cisco Anomaly Guards driven by an anomaly detection system using Arbor Peakflow SPs, flow-tools, and a variety of internally developed defense protocols. We have three (3) 24x7 Network Operation Centers (NOCs) that that are prepared to handle these situations as they arise. So what is my point… not really sure because I am not trying to sound like a commercial. But you need to choose your hosting provider wisely and make sure they have the ability to react to DOS attacks at any time, any day, during any event. DOS does not take time off… neither should your provider.

Categories: 
Keywords:
Categories:

Comments

January 6th, 2009 at 12:01pm

It also may be that they have nothing else to distract them on Christmas eve. No one else is online, so pings are low, game servers are empty, and news outlets aren't being updated. That leaves thousands of bored malicious teenagers looking for something to do.

January 17th, 2009 at 10:01am

This is really amazing, Cisco Guard, Cisco Anomaly Guard, i dont really know "How big" is the investment to create and maintain such structure, but i know for sure that 90% of Dedicated Servers Providers do NOT offer anything close to what SL offer us.
I am very happy to relay on SL´s protection , and even more happy to know that it really works !

January 18th, 2009 at 1:54pm

Attacks at 2+ Gbps.. that's insane!

Leave a Reply

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • You can enable syntax highlighting of source code with the following tags: <pre>, <blockcode>, <bash>, <c>, <cpp>, <drupal5>, <drupal6>, <java>, <javascript>, <php>, <python>, <ruby>. The supported tag styles are: <foo>, [foo].
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.