Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 
BDFL - Memuneh
65615 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #1165759 31-Oct-2014 12:11
3 people support this post
Send private message

zaptor:
freitasm: You're completely missing the point or trying to create something that doesn't exist.

DDoS are not testing tools. It will affect networks as it goes through.

AFAIK these DDoS services exist under the (false?) guise that they provide a legitimate service. Well, that seems to be the rationale anyhow.


These are legal like those Russian-based websites selling mp3 are legal... In other words NO, they aren't. 

some people buy mp3 on Russian sites and say "I paid for it, so it must be legal", not thinking they are handing out their credit card details to a bunch of pirates. Paying for something doesn't make it legal.

DDoS services are not legal.

zaptor:
plambrechtsen: If you are doing it as per your example on a local LAN then that's fine...

Agreed.

I believe that's what I was trying to clarify for you, since you said "DDoS of any type isn't legal".


Again you are confusing LOAD TESTING with DDOS. Different things. VERY different things.






75 posts

Master Geek


  #1170345 6-Nov-2014 21:25
One person supports this post
Send private message

charsleysa:
I got told by Snap technical support that my connection received a DDoS attack and that it was affecting their network.

They also said that if I continued to receive DDoS attacks they would look into suspending or even cancelling my connection.


Ignore my previous post. They obviously changed the way they handle things now. I had this happen moments ago and I had to ring Snap! myself to find out that my connection was blacklisted because of an attack. The tech guy basically accused me of doing miscellaneous activities and causing this attack. Honestly, If I was the only user of this connection, the conversation would definitely have gone differently. I was offended by this and would of demanded for evidence.
Completely different from the last time I had a DoS attack which they blocked the incoming traffic and I was on my way to continue surfing.

 
 
 
 


1387 posts

Uber Geek


  #1170396 6-Nov-2014 22:53
One person supports this post
Send private message

usually with ddos attacks the target ip is blocked.  that is normal behaviour.  i'm surprised snap allow users to be ddos'ed multiple times a month without terminating them.



3430 posts

Uber Geek

Trusted

  #1170409 7-Nov-2014 00:08
Send private message

zaptor: I don't think they're necessarily intended to disrupt ISP subnets, but, just enough to give someone (like a console gamer) an "edge" during online play.



I should probably clarify something.
When we advertise blocks of ip addresses to other ISP's, we do it in a minimum size of a /24 subnet. You can make each advertisement cover a smaller subnet, but it can affect the size of the global routing table so everyone tries to be polite and not advertise blocks smaller than /24's. Currently most ISP routers can get away with 2gb of ram but as the internet grows, the routing table grows too and so many high level routers will need to be upgraded.

BGP is used between routers to say "hey any packets of traffic destined for x.x.x.y can be sent to me, and I'll pass them on"
The router at the other end may also receive that message from another router somewhere else and will work out the fastest path to get to the source of the advertisement and send the packets along that route.

So if we want to stop advertising 192.168.1.45, we need to stop advertising 192.168.1.1-254 (or 192.168.1.X) but we can still advertise 192.168.2.x 192.168.3.x and so on





Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




1387 posts

Uber Geek


  #1170422 7-Nov-2014 02:52
Send private message

raytaylor:
zaptor: I don't think they're necessarily intended to disrupt ISP subnets, but, just enough to give someone (like a console gamer) an "edge" during online play.



I should probably clarify something.
When we advertise blocks of ip addresses to other ISP's, we do it in a minimum size of a /24 subnet. You can make each advertisement cover a smaller subnet, but it can affect the size of the global routing table so everyone tries to be polite and not advertise blocks smaller than /24's. Currently most ISP routers can get away with 2gb of ram but as the internet grows, the routing table grows too and so many high level routers will need to be upgraded.

BGP is used between routers to say "hey any packets of traffic destined for x.x.x.y can be sent to me, and I'll pass them on"
The router at the other end may also receive that message from another router somewhere else and will work out the fastest path to get to the source of the advertisement and send the packets along that route.

So if we want to stop advertising 192.168.1.45, we need to stop advertising 192.168.1.1-254 (or 192.168.1.X) but we can still advertise 192.168.2.x 192.168.3.x and so on



You should ask your transit provider if they can provide community 666 black holing or such.  

Also the routing table isn't growing very quickly at the moment, and 2GB isn't needed unless you have very inefficient software, even for multiple full tables.

Basically you send a /32 route to them tagged with community of <their asn>:666 and they'll block it as early as they can.

You can then feed netflow or sflow data to a computer, that then sees when there's is too many new connections, and alerts you when there are so you can take a look, or goes over another limit and just blocks.  With residential users I'd vote for blocking early, and fast myself.

1 | 2 | 3 | 4 
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Withings launches three new devices to help monitor heart health from home
Posted 13-Feb-2020 20:05


Auckland start-up Yourcar matches new car buyers with dealerships
Posted 13-Feb-2020 18:05


School gardens go high tech to teach kids the importance of technology
Posted 13-Feb-2020 11:10


Malwarebytes finds Mac threats outpace Windows for the first time
Posted 13-Feb-2020 08:01


Amazon launches Echo Show 8 in Australia and New Zealand
Posted 8-Feb-2020 20:36


Vodafone New Zealand starts two year partnership with LetsPlay.Live
Posted 28-Jan-2020 11:24


Ring launches indoor-only security camera
Posted 23-Jan-2020 17:26


New report findings will help schools implement the digital technologies curriculum content
Posted 23-Jan-2020 17:25


N4L to upgrade & support wireless internet inside schools
Posted 23-Jan-2020 17:22


Netflix releases 21 Studio Ghibli works
Posted 22-Jan-2020 11:42


Vodafone integrates eSIM into device and wearable roadmap
Posted 17-Jan-2020 09:45


Do you need this camera app? Group investigates privacy implications
Posted 16-Jan-2020 03:30


JBL launches headphones range designed for gaming
Posted 13-Jan-2020 09:59


Withings introduces ScanWatch wearable combining ECG and sleep apnea detection
Posted 9-Jan-2020 18:34


NZ Police releases public app
Posted 8-Jan-2020 11:43



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.