Bitcoin Forum
December 17, 2017, 07:22:32 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: 2013-10-17 Register: How mystery DDoSers tried to take down Bitcoin exchange  (Read 952 times)
Arvicco
Hero Member
*****
Offline Offline

Activity: 574


Please bear with me


View Profile WWW
October 17, 2013, 03:06:59 PM
 #1

http://www.theregister.co.uk/2013/10/17/bitcoin_exchange_ddos_flood/

1513495352
Hero Member
*
Offline Offline

Posts: 1513495352

View Profile Personal Message (Offline)

Ignore
1513495352
Reply with quote  #2

1513495352
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Carlton Banks
Legendary
*
Offline Offline

Activity: 1848



View Profile
October 17, 2013, 07:08:35 PM
 #2

Is there a TCP/IP alternative that's resistant, or more uneconomic, to use for DOS attacks? This whole progression of having firms that specialise in DOS mitigation looks more and more like a protection racket business model. I understand that the Linux kernel was both designed and improved to negate the use of virus protection on the platform, despite not succeeding in elimintaing Linux viruses altogether. A similar outcome with a TCP/IP usurper would be most welcome.

Vires in numeris
ShadowOfHarbringer
Legendary
*
Offline Offline

Activity: 1470


Bringing Legendary Har® to you since 1952


View Profile
October 17, 2013, 09:05:34 PM
 #3

Is there a TCP/IP alternative that's resistant, or more uneconomic, to use for DOS attacks? This whole progression of having firms that specialise in DOS mitigation looks more and more like a protection racket business model. I understand that the Linux kernel was both designed and improved to negate the use of virus protection on the platform, despite not succeeding in elimintaing Linux viruses altogether. A similar outcome with a TCP/IP usurper would be most welcome.
Nothing except specialized services can protect you from 100Gbps attack if your normal connection is only 1Gbps.

It simply overfloods the pipe - it works in the same manner as water. When attackers use up all your bandwidth, nothing is left for the normal traffic.

Carlton Banks
Legendary
*
Offline Offline

Activity: 1848



View Profile
October 17, 2013, 09:32:55 PM
 #4

Nothing except specialized services can protect you from 100Gbps attack if your normal connection is only 1Gbps.

It simply overfloods the pipe - it works in the same manner as water. When attackers use up all your bandwidth, nothing is left for the normal traffic.

Yes, I appreciate the concept of the attack vector for DOS, I'm also aware there are alternative attacks that only require low bandwidths to exploit known timeout intervals on DNS servers to deny legitimate user access. The DOS toolkit is larger than regular bandwidth flooding these days.

I have no useful insights as to how it would be done, the technical aspects of data routing at the basest level is not something that I know much about. I just find it surprising that there has been no innovation into how we solve this problem. Hacking servers with high bandwidth connections may never be completely solved, so it's tempting to think about addressing the issue from a more fundamental basis, and not just using expensive mitigation services. It just becomes an arms race then, and there's alot of potential corrupt behaviour that can stem from that.

Vires in numeris
LiteCoinGuy
Legendary
*
Offline Offline

Activity: 1148


In Satoshi I Trust


View Profile WWW
October 18, 2013, 12:13:09 PM
 #5

"Web security firm Incapsula helped a Chinese Bitcoin trader to weather a ferocious denial-of-service attack last month when the volume of inbound traffic to the site peaked at 100Gbps.

The attack against BTC China, a platform where both Bitcoin and Chinese yuan are traded, lasted nine hours and is one of the fiercest on record. But unlike the even bigger 300Gbps attack against Spamhaus back in March no amplification techniques were used in the assault against BTCChina."

The circumstances of the BTC China attack mean that the unknown assailants had a huge amount of bandwidth at their disposal. "This amount of fire power isn't cheap, or readily available, signifying a big step up in resources pulled together to launch this type of attack," according to Incapsula.



these bastards ;-)

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!