Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5
mattwnz
16742 posts

Uber Geek


  #2551503 28-Aug-2020 17:54
Send private message quote this post

neb:
mattwnz:

 

Doesn't seem to be getting  huge amount of coverage, considering this is a big part of NZs infrastructure. Saw some experts on the news last night discussing it. Normally I understand with  a DDOS on a website server, that the admins would block the IP ranges of those doing the attack.

 

It's a distributed attack, that's what the first 'D' is, there's no "IP range" to block. Eventually the Russian group doing it will send in a demand for BTC to go away. The problem is in this case that nothing in NZ has ever been of any interest to attackers so there's been little motivation to protect against it. I guess as with taking quarantine more seriously it'll now get some budget devoted to it.

 

 

 

Guessing then that Cloudflare could be a solution to them? 4 Days in a row though isn't good.


neb

neb
2889 posts

Uber Geek

Trusted
Lifetime subscriber

  #2551509 28-Aug-2020 18:07
Send private message quote this post

mattwnz:

Guessing then that Cloudflare could be a solution to them? 4 Days in a row though isn't good.

 

 

Not necessarily, you can go with specialised DDoS protection services that you only need to pour money into while the attack is happening, they usually only last a few days before they move on. "Use Cloudflare" isn't an automatic solution, it can help against general nuisance attacks but this sounds like something pretty targeted which may require more specialised services, and it becomes more a matter of economics than anything else, what's the best way to spend our mitigation budget? For example you may find with Cloudflare that DDoS mitigation is included in your monthly fee up to a certain level and beyond that you pay on a pro rata basis.

 

 

Having said that, "use Cloudflare" would be a good start.

 
 
 
 


timmmay
16410 posts

Uber Geek

Trusted
Subscriber

  #2551556 28-Aug-2020 20:14
Send private message quote this post

Whatever your DDOS provider is, you need to ensure you only accept traffic from them, not from anywhere else. That often means changing IP address, as even if you reject packets from other IPs at your firewall it still takes your bandwidth.

 

I use CloudFlare with my AWS server, because it's cheaper than CloudFront. I only whitelist traffic from my home IP and from CloudFlare Both AWS CloudFront / AWS Shield and CloudFlare can cope with very large DDOS attacks. AWS Shield / CloudFront coped with a 2.3Tbps DDOS attack (that's about how much internal bandwidth I think NZ has), and I believe they can cope with larger. Not sure what the biggest CloudFlare can do is, but they mitigated a 0.25Tbps attack automatically.


ezbee

326 posts

Ultimate Geek


  #2551974 29-Aug-2020 15:58
Send private message quote this post

Is there another aspect to some of these attacks.
Would it also enable the group to also sneak some hacking attacks though an overloaded system while things are in chaos and recovering from DDoS ?

 

Not just a 'smash' raid to backup extortion demand, but opportune to set things up for a later 'grab'


neb

neb
2889 posts

Uber Geek

Trusted
Lifetime subscriber

  #2551992 29-Aug-2020 16:23
Send private message quote this post

ezbee:

Is there another aspect to some of these attacks.
Would it also enable the group to also sneak some hacking attacks though an overloaded system while things are in chaos and recovering from DDoS ?

 

 

Highly unlikely, it's a straightforward protection racket. What makes the NZX one problematic is that it's had worldwide media coverage, which both means that the attackers know they're having an effect and that they can't stop now because it'll encourage non-payment from future targets. The usual approach is to batten down the hatches and wait for them to move on, but that isn't an option any more in this case.

eracode
4580 posts

Uber Geek

Subscriber

  #2552904 31-Aug-2020 10:39
Send private message quote this post

Down again.





Sometimes I just sit and think. Other times I just sit.


Fred99
10984 posts

Uber Geek


  #2552911 31-Aug-2020 10:50
Send private message quote this post

eracode:

 

Down again.

 

 

Is it?  Seems to be working fine for me.


 
 
 
 


freitasm
BDFL - Memuneh
68482 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #2552913 31-Aug-2020 10:52
Send private message quote this post

Not working here - just an empty page with a script.





 

 

These links are referral codes

 

Geekzone broadband switch | Eletricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Amazon | My technology disclosure


Fred99
10984 posts

Uber Geek


  #2552924 31-Aug-2020 11:08
Send private message quote this post

freitasm:

 

Not working here - just an empty page with a script.

 

 

OK - it did that here a minute ago - but it's working again now.  If keep hitting F5 fast enough, I wonder if the GCSB might knock on my door.


freitasm
BDFL - Memuneh
68482 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #2553009 31-Aug-2020 11:14
Send private message quote this post





 

 

These links are referral codes

 

Geekzone broadband switch | Eletricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Amazon | My technology disclosure


eracode
4580 posts

Uber Geek

Subscriber

  #2553010 31-Aug-2020 11:16
Send private message quote this post

Fred99:

 

freitasm:

 

Not working here - just an empty page with a script.

 

 

OK - it did that here a minute ago - but it's working again now.  If keep hitting F5 fast enough, I wonder if the GCSB might knock on my door.

 

 

According to radio news it was down for seven minutes this morning. Currently up again.





Sometimes I just sit and think. Other times I just sit.


MikeB4
15555 posts

Uber Geek
Inactive user


  #2553019 31-Aug-2020 11:18
Send private message quote this post

Not available for me. Just a pretty white screen. 


Zeon
3631 posts

Uber Geek

Trusted

  #2553050 31-Aug-2020 11:55
Send private message quote this post

I wrote up a blog with some ideas on how to deal with DDoS like this:

 

https://www.geekzone.co.nz/Zeon/9026

 

Main point is to target DoS at insecure devices in the botnet.....





Speedtest 2019-10-14


MikeB4
15555 posts

Uber Geek
Inactive user


  #2553057 31-Aug-2020 12:00
Send private message quote this post

Apparently the attacks are wider than just NZSX. Other organisations and government agencies are being hit

eracode
4580 posts

Uber Geek

Subscriber

  #2553081 31-Aug-2020 12:10
Send private message quote this post

MikeB4: Apparently the attacks are wider than just NZSX. Other organisations and government agencies are being hit

 

In NZ?





Sometimes I just sit and think. Other times I just sit.


1 | 2 | 3 | 4 | 5
View this topic in a long page with up to 500 replies per page Create new topic




News »

Amazon introduces new Echo devices
Posted 25-Sep-2020 11:56


Mad Catz introduces new S.T.R.I.K.E. 13 Mechanical Gaming Keyboard
Posted 25-Sep-2020 11:34


Vodafone NZ upgrades international submarine network
Posted 25-Sep-2020 09:09


Jabra announces wireless noise-cancelling airbuds, upgrade existing model
Posted 24-Sep-2020 14:43


Nokia 3.4 to be available in New Zealand
Posted 24-Sep-2020 14:34


HP announces new HP ENVY laptops aimed at content creators
Posted 24-Sep-2020 14:02


Logitech introduce MX Anywhere 3
Posted 21-Sep-2020 21:17


Countdown unveils contactless shopping with new Scan&Go tech
Posted 21-Sep-2020 09:48


HP unveils new innovations for businesses adapting to rapidly evolving workstyles and workforces
Posted 17-Sep-2020 15:36


GoPro launches new HERO9 Black camera
Posted 17-Sep-2020 09:45


Telecommunications industry launches new 5G Facts website
Posted 17-Sep-2020 07:56


New Zealand ranks 3rd in world in GSMA index
Posted 15-Sep-2020 10:13


Trend Micro Security Suite adds web monitoring to prevent identity theft
Posted 14-Sep-2020 15:37


NVIDIA to acquire Arm for US$ 40 billion
Posted 14-Sep-2020 12:27


Epson launches its next gen A3+ colour EcoTank multi-function printer
Posted 10-Sep-2020 16:08



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.