On 09/15/16 13:49 +0300, Georgi Guninski wrote:
> On Thu, Sep 15, 2016 at 12:25:56PM +0300, Cari Machet wrote:
>> https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html
>
> lol, Russia and China. Did he miss the Norks?
>
> Also where the resources and bandwidth come from, there is no mention of it, especially botnets. Long ago someone claimed BGP amplification from a single ISP can get large ddos factor, don't know if this scales exponentially.

In the ISP space, certainly botnets, driven by gamers, almost exclusively - in the enterprise and "critical infrastructure" space, driven by large monetary and technical resources where botnet use is likely used for obfuscation.

I've never encountered BGP amplification, which sounds like a waste of time. In the ISP space, it's near all DNS and NTP.

A more interesting discussion would be non-DDOS based attacks that are only briefly touched on in the article (DNS hijacking). The quite fragile voice network - SIP's embarrassingly poor security use in trunking configurations, BGP hijacking in the default free zone, and strategic attacks on provider transport links come to mind.

--
Dan White