Geekzone: technology news, blogs, forums
3430 posts

Uber Geek

Trusted

  #1165412 31-Oct-2014 00:29

I suppose if we had to stop advertising a /24 we could NAT those behind it to a spare IP address on another subnet at the border routers. Would only take a minute to manually switch on. Bigger ISPs with more complex networks would find it a bit harder I guess.
But it's only a temporary measure and not really a solution if a problem customer keeps causing it.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




1948 posts

Uber Geek
Inactive user


  #1165532 31-Oct-2014 09:28

There are a number of DDoS mitigations at Spark. The hardest DDoSes to hit are when there is a UDP targeted attack against a large pool of IP addresses from a random source, as you can't really cut large groups of your customers off since they are being attacked.

But I have seen a recent graph showing a DDoS targeted to a single IP address in excess of 30 Gigabits per second and that lasted for over an hour or so.

Filtering inbound port 53 (DNS) traffic on customers unless they opt out of Port 25 filtering is a recent addition. It still gets carried across the network; if I had anything to do with it, the traffic would get dropped further towards the source. But that leads to a whole myriad of other issues. The filter also means that customers don't get billed for the usage if there is a random DDoS.

 
 
 
 


659 posts

Ultimate Geek


  #1165582 31-Oct-2014 10:01
One person supports this post

My limited understanding is that DDoS services vary significantly in terms of attack duration and node count.

DDoS services are basically commoditized - and legal.

Last time I checked minimum block sizes could be rented in 5 minute chunks, with minimum attack durations specified within that. I think the lower capacity DDoS offerings are targeted towards the mass/consumer market. I don't think they're necessarily intended to disrupt ISP subnets, but, just enough to give someone (like a console gamer) an "edge" during online play.

An acquaintance of my son uses a similar service.

The problem is when everyone starts fighting fire with fire.

BDFL - Memuneh
65637 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #1165590 31-Oct-2014 10:11
One person supports this post
659 posts

Ultimate Geek


  #1165595 31-Oct-2014 10:23

freitasm: "Legal"?

Where? Certainly not in New Zealand.


You mean I'm not allowed to DDoS my own site to check server integrity?

(disclaimer: I have no ideological view on the matter either way, I was just saying)

BDFL - Memuneh
65637 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #1165598 31-Oct-2014 10:26
5 people support this post

By doing a DDoS on your own site you will be disrupting services to other users in the same hosting/colocation facility. 

It's no excuse. If you want to load test your site/server then you should do it in a private network.

DDoS on anyone else is not legal anyway.







1948 posts

Uber Geek
Inactive user


  #1165649 31-Oct-2014 10:55

freitasm: By doing a DDoS on your own site you will be disrupting services to other users in the same hosting/colocation facility. 

It's no excuse. If you want to load test your site/server then you should do it in a private network.

DDoS on anyone else is not legal anyway.


Not that I have gone hunting, but I would find it hard to believe that any DDoS "services" would remotely recognise anything near legal, especially in this country. And if it were legal in another dubious country then it certainly is immoral.

 
 
 
 


659 posts

Ultimate Geek


  #1165652 31-Oct-2014 10:58

Curious.

Wouldn't it depend on the magnitude and type of DDoS?

If I DDoS a specific IP address (that I own/rent), and no one notices (effectively) - meaning no disruption to my local subnet, then is it that (grudgingly) permissible?

It seems there are low capacity DDoS attempts occurring constantly (which are annoyingly effective), especially on networks with a high quotient of online gamers. But it's only the high capacity ones that get noticed.

BDFL - Memuneh
65637 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #1165655 31-Oct-2014 10:59
5 people support this post

If you are using a "DDoS service" to "test" your own address it will still have to traverse other networks to get to you. If you want to do a load test (a very different thing) then you will be running in-house, inside your own network, not going through the public Internet or shared networks.

There's no excuse.





1948 posts

Uber Geek
Inactive user


  #1165656 31-Oct-2014 11:01

zaptor: Curious.

Wouldn't it depend on the magnitude and type of DDoS?

If I DDoS a specific IP address (that I own/rent), and no one notices (effectively) - meaning no disruption to my local subnet, then is it that (grudgingly) permissible?

It seems there are low capacity DDoS attempts occurring constantly (which are annoyingly effective), especially on networks with a high quotient of online gamers. But it's only the high capacity ones that get noticed.


Nope. DDoS of any type isn't legal. There is something in the second D of DDoS that has problems.

659 posts

Ultimate Geek


  #1165682 31-Oct-2014 11:29

freitasm: If you are using a "DDoS service" to "test" your own address it will still have to traverse other networks to get to you. If you want to do a load test (a very different thing) then you will be running in-house, inside your own network, not going through the public Internet or shared networks.


Fair enough.

I don't think it really answers the questions I raised earlier. Even if it does traverse other networks, so long as no one notices (or cares), then it appears there is a precedent for such a service to exist. In a hypothetical situation where a DDoS is harming no one except the intended/authorized recipient, then what's the argument against that?

plambrechtsen: Nope. DDoS of any type isn't legal. There is something in the second D of DDoS that has problems.

Not sure it means what you think it means:
250.1 refers to endangerment of life
250.2 refers to a computer system "he or she" is not authorised on

If a computer tutor wants to demonstrate to his students (I don't know - say "security 101") how a DDoS works by attacking one of the classroom PCs using other classroom PCs all on the same classroom LAN, I'm fairly certain that tutor isn't breaking the law.

BDFL - Memuneh
65637 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #1165685 31-Oct-2014 11:31
One person supports this post

You're completely missing the point or trying to create something that doesn't exist.

DDoS are not testing tools. It will affect networks as it goes through.







1948 posts

Uber Geek
Inactive user


  #1165686 31-Oct-2014 11:32

zaptor:
freitasm: If you are using a "DDoS service" to "test" your own address it will still have to traverse other networks to get to you. If you want to do a load test (a very different thing) then you will be running in-house, inside your own network, not going through the public Internet or shared networks.


Fair enough.

I don't think it really answers the questions I raised earlier. Even if it does traverse other networks, so long as no one notices (or cares), then it appears there is a precedent for such a service to exist. In a hypothetical situation where a DDoS is harming no one except the intended/authorized recipient, then what's the argument against that?

plambrechtsen: Nope. DDoS of any type isn't legal. There is something in the second D of DDoS that has problems.

Not sure it means what you think it means:
250.1 refers to endangerment of life
250.2 refers to a computer system "he or she" is not authorised on

If a computer tutor wants to demonstrate to his students (I don't know - say "security 101") how a DDoS works by attacking one of the classroom PCs using other classroom PCs all on the same classroom LAN, I'm fairly certain that tutor isn't breaking the law.


How can you be sure of this?? Normally a DDoS floods the international inbound capacity. There would have been packets either dropped or delayed.

If you are doing it as per your example on a local LAN then that's fine, but as soon as you traverse a network you don't own (such as the ISP) then you are breaking the law IMHO.

From the above link: 

250 Damaging or interfering with computer system

  • (2) Every one is liable to imprisonment for a term not exceeding 7 years who intentionally or recklessly, and without authorisation, knowing that he or she is not authorised, or being reckless as to whether or not he or she is authorised,—
    • (c) causes any computer system to—
      • (ii) deny service to any authorised users.

Seems pretty clear cut in my view. DDoSing someone prevents others from using the network.

659 posts

Ultimate Geek


  #1165728 31-Oct-2014 11:54

freitasm: You're completely missing the point or trying to create something that doesn't exist.

DDoS are not testing tools. It will affect networks as it goes through.

AFAIK these DDoS services exist under the (false?) guise that they provide a legitimate service. Well, that seems to be the rationale anyhow.

Personally, I dislike the fact these services exist in the first place. I certainly do not use them.

But, I could see how their existence might be deceptively justified.

659 posts

Ultimate Geek


  #1165733 31-Oct-2014 11:57

plambrechtsen: If you are doing it as per your example on a local LAN then that's fine...

Agreed.

I believe that's what I was trying to clarify for you, since you said "DDoS of any type isn't legal".
