Last visit was: Fri Jul 04, 2014 11:23 pm
It is currently Fri Jul 04, 2014 11:23 pm

SNMP DDoS against Spamhaus


All times are UTC - 5 hours [ DST ]


 [ 4 posts ] 
Author Message
 PostPosted: Tue Dec 27, 2011 10:44 pm   
You are kiillllling-a my bizinisss!
User avatar

Joined: Thu Mar 01, 2007 3:01 am
Posts: 5915
Quote:
Spamhaus has observed a newer type of distributed denial-of-service attack (DDoS) which has only recently become popular among cybercriminals. In just the past month, several attacks using this method have been investigated by private security firms and law enforcement agencies. During December 2011, Spamhaus sustained an SNMP DDoS on the order of magnitude of the largest DDoS seen to date on the Internet. Our anti-DDoS resources allowed us to implement effective measures to mitigate this attack, and we are working with law enforcement and security industry partners to shut down the originators.

This DDoS vector is similar to the older DNS Amplification Attack, but instead of DNS it uses Simple Network Management Protocol (SNMP) services to reflect and amplify a stream of UDP packets toward a DDoS target. The attacker's packets contain forged (spoofed) originating IP addresses, so that the SNMP server to which these packets are sent replies with a large UDP packet to the spoofed address, which belongs to the victim. The amplification effect of this vector can produce high traffic volumes from a relatively small input stream, effectively clogging the 'pipes' into the victim's server to produce denial of service.


http://www.spamhaus.org/news.lasso?article=678


Top
 Profile  
 PostPosted: Mon Mar 18, 2013 5:57 pm   
You are kiillllling-a my bizinisss!
User avatar

Joined: Tue Jun 27, 2006 2:01 am
Posts: 9227
Spamhaus has been down for over 24 hours.

http://blog.wordtothewise.com/2013/03/s ... ajor-ddos/

March 18, 2013
Quote:
DNS services, including rsync and the mirrors, are up and running.

Spamhaus is working to bring the mailserver and website back up, and are hoping to have it up later today.


Top
 Profile WWW  
 PostPosted: Fri Apr 26, 2013 5:40 pm   
You are kiillllling-a my bizinisss!
User avatar

Joined: Tue Jun 27, 2006 2:01 am
Posts: 9227
One month later!
Ref: http://www.bbc.co.uk/news/technology-22314938 26 April 2013
Quote:
Spanish police have arrested a Dutchman suspected of being behind one of the biggest ever web attacks.

The man arrested is believed to be Sven Kamphuis, the owner and manager of Dutch hosting firm Cyberbunker that has been implicated in the attack.

"Spamhaus is delighted at the news that an individual has been arrested and is grateful to the Dutch police for the resources they have made available and the way they have worked with us," said a Spamhaus spokesman.


Back in March -Ref: http://www.bbc.co.uk/news/technology-21954636 27 March 2013
Quote:
Recently, Spamhaus blocked servers maintained by Cyberbunker, a Dutch web host that states it will host anything with the exception of child pornography or terrorism-related material.

Sven Olaf Kamphuis, who claims to be a spokesman for Cyberbunker, said, in a message, that Spamhaus was abusing its position, and should not be allowed to decide "what goes and does not go on the internet".

Spamhaus has alleged that Cyberbunker, in cooperation with "criminal gangs" from Eastern Europe and Russia, is behind the attack.


Top
 Profile WWW  
 PostPosted: Fri Apr 26, 2013 6:43 pm   
Spammer Killing Machine
User avatar

Joined: Sun Jun 13, 2010 5:22 pm
Posts: 528
The BBC report makes the irony of the situation difficult to ignore.

Quote:
Mr Kamphuis took exception to Spamhaus's action saying in messages sent to the press that it had no right to decide "what goes and does not go on the internet".

The report seems to suggest that "SK" anointed himself to decide what does or does not go on the internet.

He was arrested in Barcelona — a lovely vacation stop, in case anyone is interested. One can dine very nicely on inexpensive tortilla (Espanola) and café con leche, although the highly acclaimed ham is a bit too bloody for my taste.


Top
 Profile  
 [ 4 posts ] 

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: Wayback machine and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  


Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Style originally created by Volize © 2003 • Redesigned SkyLine by MartectX © 2008