Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 
BDFL - Memuneh
66292 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #1165759 31-Oct-2014 12:11
3 people support this post
Send private message

zaptor:
freitasm: You're completely missing the point or trying to create something that doesn't exist.

DDoS are not testing tools. It will affect networks as it goes through.

AFAIK these DDoS services exist under the (false?) guise that they provide a legitimate service. Well, that seems to be the rationale anyhow.


These are legal like those Russian-based websites selling mp3 are legal... In other words NO, they aren't. 

some people buy mp3 on Russian sites and say "I paid for it, so it must be legal", not thinking they are handing out their credit card details to a bunch of pirates. Paying for something doesn't make it legal.

DDoS services are not legal.

zaptor:
plambrechtsen: If you are doing it as per your example on a local LAN then that's fine...

Agreed.

I believe that's what I was trying to clarify for you, since you said "DDoS of any type isn't legal".


Again you are confusing LOAD TESTING with DDOS. Different things. VERY different things.






75 posts

Master Geek


  #1170345 6-Nov-2014 21:25
One person supports this post
Send private message

charsleysa:
I got told by Snap technical support that my connection received a DDoS attack and that it was affecting their network.

They also said that if I continued to receive DDoS attacks they would look into suspending or even cancelling my connection.


Ignore my previous post. They obviously changed the way they handle things now. I had this happen moments ago and I had to ring Snap! myself to find out that my connection was blacklisted because of an attack. The tech guy basically accused me of doing miscellaneous activities and causing this attack. Honestly, If I was the only user of this connection, the conversation would definitely have gone differently. I was offended by this and would of demanded for evidence.
Completely different from the last time I had a DoS attack which they blocked the incoming traffic and I was on my way to continue surfing.

 
 
 
 


1387 posts

Uber Geek


  #1170396 6-Nov-2014 22:53
One person supports this post
Send private message

usually with ddos attacks the target ip is blocked.  that is normal behaviour.  i'm surprised snap allow users to be ddos'ed multiple times a month without terminating them.



3435 posts

Uber Geek

Trusted

  #1170409 7-Nov-2014 00:08
Send private message

zaptor: I don't think they're necessarily intended to disrupt ISP subnets, but, just enough to give someone (like a console gamer) an "edge" during online play.



I should probably clarify something.
When we advertise blocks of ip addresses to other ISP's, we do it in a minimum size of a /24 subnet. You can make each advertisement cover a smaller subnet, but it can affect the size of the global routing table so everyone tries to be polite and not advertise blocks smaller than /24's. Currently most ISP routers can get away with 2gb of ram but as the internet grows, the routing table grows too and so many high level routers will need to be upgraded.

BGP is used between routers to say "hey any packets of traffic destined for x.x.x.y can be sent to me, and I'll pass them on"
The router at the other end may also receive that message from another router somewhere else and will work out the fastest path to get to the source of the advertisement and send the packets along that route.

So if we want to stop advertising 192.168.1.45, we need to stop advertising 192.168.1.1-254 (or 192.168.1.X) but we can still advertise 192.168.2.x 192.168.3.x and so on





Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




1387 posts

Uber Geek


  #1170422 7-Nov-2014 02:52
Send private message

raytaylor:
zaptor: I don't think they're necessarily intended to disrupt ISP subnets, but, just enough to give someone (like a console gamer) an "edge" during online play.



I should probably clarify something.
When we advertise blocks of ip addresses to other ISP's, we do it in a minimum size of a /24 subnet. You can make each advertisement cover a smaller subnet, but it can affect the size of the global routing table so everyone tries to be polite and not advertise blocks smaller than /24's. Currently most ISP routers can get away with 2gb of ram but as the internet grows, the routing table grows too and so many high level routers will need to be upgraded.

BGP is used between routers to say "hey any packets of traffic destined for x.x.x.y can be sent to me, and I'll pass them on"
The router at the other end may also receive that message from another router somewhere else and will work out the fastest path to get to the source of the advertisement and send the packets along that route.

So if we want to stop advertising 192.168.1.45, we need to stop advertising 192.168.1.1-254 (or 192.168.1.X) but we can still advertise 192.168.2.x 192.168.3.x and so on



You should ask your transit provider if they can provide community 666 black holing or such.  

Also the routing table isn't growing very quickly at the moment, and 2GB isn't needed unless you have very inefficient software, even for multiple full tables.

Basically you send a /32 route to them tagged with community of <their asn>:666 and they'll block it as early as they can.

You can then feed netflow or sflow data to a computer, that then sees when there's is too many new connections, and alerts you when there are so you can take a look, or goes over another limit and just blocks.  With residential users I'd vote for blocking early, and fast myself.

1 | 2 | 3 | 4 
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

COVID-19: new charitable initiative to fund remote monitoring for at-risk patients
Posted 2-Apr-2020 11:07


Huawei introduces the P40 Series of Android-based smartphones
Posted 31-Mar-2020 17:03


Samsung Galaxy Z Flip now available for pre-order in New Zealand
Posted 31-Mar-2020 16:39


New online learning platform for kids stuck at home during COVID-19 lockdown
Posted 26-Mar-2020 21:35


New 5G Nokia smartphone unveiled as portfolio expands
Posted 26-Mar-2020 17:11


D-Link ANZ launches wireless AC1200 4G LTE router
Posted 26-Mar-2020 16:32


Ring introduces two new video doorbells and new pre-roll technology
Posted 17-Mar-2020 16:59


OPPO uncovers flagship Find X2 Pro smartphone
Posted 17-Mar-2020 16:54


D-Link COVR-2202 mesh Wi-Fi system now protected by McAfee
Posted 17-Mar-2020 16:00


Spark Sport opens its platform up to all New Zealanders at no charge
Posted 17-Mar-2020 10:04


Spark launches 5G Starter Fund
Posted 8-Mar-2020 19:19


TRENDnet launches high-performance WiFi Mesh Router System
Posted 5-Mar-2020 08:48


Sony boosts full-frame lens line-up with introduction of FE 20mm F1.8 G large-aperture ultra-wide-angle prime Lens
Posted 5-Mar-2020 08:44


Vector and Spark teamed up on smart metering initiative
Posted 5-Mar-2020 08:42


Schneider Electric launches new PDL Pro Series designed specifically for the commercial building market
Posted 5-Mar-2020 08:39



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.