[jacquesm]

The hosting facilities where I have my servers would class this one as 'just another days work'.

Sites that are routinely targeted for blackmail because they make lots of money have dealing with attacks like this down to a science. Of course they're not going to go out of their way to advertise that it happens all the time to protect their business interests, so that's why you may not have heard about it.

Banks and other financial institutions, gambling sites, large porn sites, top 100 websites and sites that are either vulnerable to brand damage or that have a lot of turnover see an awful lot of this.

50Gbps is at most 50K zombies or so, that's really not that bad.

The largest attacks against sites that I know of used a million ips and more. That's a wholly different kettle of fish and starts to be a real problem because even hardware based packet filtering (Thanks force10!) has its limits.

[jacquesm]

Additional notes (too late to edit the comment above):

After a call with one of my hosting providers (yes, on a Sunday at that, how is that for service), they saw the 40Gbit barrier broken somewhere at the end of 2007, today they're prepared for a multiple of that but he says that because they are that well prepared they've become less of a target.

They've invested a very large sum of money in infrastructural components specifically to deal with DDOS attacks at the hardware level, and though he doesn't rule out the possibility that they'll be one day facing one they can't deal with he doesn't seem overly worried, he does not want to claim any upper limit.

The countries they've seen the most trouble from are hard to pin down, but apparently the former USSR states and China are pretty high on hist list for the 'bot masters'.

Extortion seems to have arrived on the internet to stay, if you're a small player and you become successful you'd better be prepared, sooner or later you'll be a target.

Even smaller websites can easily get 2 to 10 Gbps ddos attacks aimed at them, the first time this happened to me I was pretty happy that all that happened was that I received an email from my ISP informing me of the fact without any loss of service.

[quicksilver03]

Can you name those hosting providers you're using? I think that it could be useful to many of the readers here.

[jacquesm]

I've done so in the past and I have already remarked somewhere earlier that I feel a bit uncomfortable about mentioning this business on HN because it feels a bit like advertising (and it's owned by a former employee and a bunch of his friends of mine so I'm not exactly impartial).

If you really want to know please drop me a line (email in my profile).

[ttimrawi]

jacquesm,

Not a single provider in the world can handle this kind of attack peacefully without service interruption except China Telecom and China Union.

Your calculations can't be more off about 50K bots, our counts showed more than 100K we couldn't count after that due to limitation in software.

My business has been dealing with DDOS attacks since 2002 we pretty much saw the brunt of every kind of new attack that came online. The only thing that can be compared with magnitude to this is the DNS Amplification attack, but that was limited in it's impact considering the source of the attack was diverse not from one geo area.

[jacquesm]

Force10 will sell you a router that will fend off a DDOS attack with over a million zombies. It's going to cost you though.

Yes, there will be an interruption, but you will be able to get the situation back under control while the attack is still in progress. You will need your upstreams/peers to collaborate.

If you're on the Cisco platform, then good luck to you.

[davidu]

You are simply incorrect in your facts.

I can't cite how I know, but if you look up who I am you can probably guess that I'm aware of the largest DDoS's in the world that take place.