up_the_irons: dang that article was scary sjackso: Not all of linode was down at that time (I had a vps with them that trucked along happily the entire time), but I think their web portal was done and various things were screwy ***: tellnes has quit IRC (*.net *.split) mercutio: atlanta was down most of that time i think
well for long periods of time ***: tellnes has joined #arpnetworks brycec: "proactively prevent DDOS" Being proactive against DDOS? How would that work, DDOS the DDOSers? mercutio: bcp38? brycec: Wouldn't BCP38 "Ingress Filtering" still allow your upstream pipe to become saturated? (admittedly, the only thing I know is the name "ingress filtering") mercutio: well it makes it quicker to find who is ddos'ing
and it stops reflection attacks
the seeding of reflection attacks that is ant: but bcp38 is something to other end(s) of the ddos attack need to do mercutio: yeah it's thinking of it from all points of view, rather than just from the target brycec: "ingress filtering is a technique used to ensure that incoming packets are actually from the networks from which they claim to originate." (ah)
(I was thinking "ingress filtering" was synonymous with basic firewalling)
(Not that it isn't basic firewalling, but it's specifically anti-spoofing)
Wikipedia:https://en.wikipedia.org/wiki/Ingress_filtering BryceBot: Ingress filtering :: In computer networking, ingress filtering is a technique used to ensure that incoming packets are actually from the networks from which they claim to originate. This can be used as a countermeasure against a various spoofing attacks where the attacker's packets contain fake IP addresss to make it difficult to find the source of the attack. This technique is often used in the denial-of-service attack, and this is a primary... ant: also, if i see it correctly reflection attacks are getting out of fashion. and bcp38 doesn't stop direct attacks (e.g. from massive iot botnets) ***: mkb_ has joined #arpnetworks mercutio: ant: reflection is sitll quite common.
but often it spikes soon after a new way of doing reflection attacks opens up, before people plug the holes ant: mercutio: yeah, but it seems to me that all the big recent attacks have been iot related (and they have been bigger than any reflection attack before) ***: mkb_ has quit IRC (Quit: leaving) mercutio: oh, big attacks maybe
but frequent attacks can come from amplification attacks ant: i can imagine. but those don't make it to the news ;) ***: mkb_ has joined #arpnetworks
Lucifer333 has joined #arpnetworks
Lucifer333 has quit IRC (Quit: Leaving)
mkb_ has quit IRC (Quit: leaving) sjackso: up_the_irons: Good show with the shirts and mugs. nathani: do they ship to Canada? ***: dj_goku has quit IRC (Ping timeout: 250 seconds)
mkb_ has joined #arpnetworks
dj_goku has joined #arpnetworks
dj_goku has quit IRC (Changing host)
dj_goku has joined #arpnetworks
dj_goku has quit IRC (Ping timeout: 260 seconds)
dj_goku has joined #arpnetworks
dj_goku has quit IRC (Changing host)
dj_goku has joined #arpnetworks
dj_goku has quit IRC (Ping timeout: 260 seconds)
dj_goku has joined #arpnetworks up_the_irons: sjackso: :)
nathani: yes, they ship worldwide. shipping to Canada is a little more expensive than the US. ***: mkb_ has quit IRC (Quit: leaving)