Hacker News new | ask | show | jobs
by jacquesm 5790 days ago
Additional notes (too late to edit the comment above):

After a call with one of my hosting providers (yes, on a Sunday at that, how is that for service), they saw the 40Gbit barrier broken somewhere at the end of 2007, today they're prepared for a multiple of that but he says that because they are that well prepared they've become less of a target.

They've invested a very large sum of money in infrastructural components specifically to deal with DDOS attacks at the hardware level, and though he doesn't rule out the possibility that they'll be one day facing one they can't deal with he doesn't seem overly worried, he does not want to claim any upper limit.

The countries they've seen the most trouble from are hard to pin down, but apparently the former USSR states and China are pretty high on hist list for the 'bot masters'.

Extortion seems to have arrived on the internet to stay, if you're a small player and you become successful you'd better be prepared, sooner or later you'll be a target.

Even smaller websites can easily get 2 to 10 Gbps ddos attacks aimed at them, the first time this happened to me I was pretty happy that all that happened was that I received an email from my ISP informing me of the fact without any loss of service.
2 comments
quicksilver03 5790 days ago
Can you name those hosting providers you're using? I think that it could be useful to many of the readers here.
link
jacquesm 5790 days ago
I've done so in the past and I have already remarked somewhere earlier that I feel a bit uncomfortable about mentioning this business on HN because it feels a bit like advertising (and it's owned by a former employee and a bunch of his friends of mine so I'm not exactly impartial).

If you really want to know please drop me a line (email in my profile).

link
ttimrawi 5789 days ago
jacquesm,

Not a single provider in the world can handle this kind of attack peacefully without service interruption except China Telecom and China Union.

Your calculations can't be more off about 50K bots, our counts showed more than 100K we couldn't count after that due to limitation in software.

My business has been dealing with DDOS attacks since 2002 we pretty much saw the brunt of every kind of new attack that came online. The only thing that can be compared with magnitude to this is the DNS Amplification attack, but that was limited in it's impact considering the source of the attack was diverse not from one geo area.

link
jacquesm 5788 days ago
Force10 will sell you a router that will fend off a DDOS attack with over a million zombies. It's going to cost you though.

Yes, there will be an interruption, but you will be able to get the situation back under control while the attack is still in progress. You will need your upstreams/peers to collaborate.

If you're on the Cisco platform, then good luck to you.

link