Wednesday, March 27, 2013

Cloudflare: The DDoS That Almost Broke the Internet

San Francisco-based Cloudflare reported that a Distributed Denial of Service attack against Spamhaus has surpassed all other known DDoS attack in volume --  exceeding peak loads of 300 Gbps.

The DDoS attack, which was profiled in The New York Times, the BBC and other media outlets on Wednesday, involves a dispute between Spamhaus and Cyberbunker, a Dutch web host.

Cloudflare began providing web optimization and DDoS protection for Spamhaus earlier this month after an initial wave of DDoS traffic hit Spamhaus, which maintins a blacklist of I.P. addresses of known spammers.

Cloudflare said the DDoS attack has grown in recent days as traffic crossed several major Tier 1s, primarily in Europe.

Beyond attacking CloudFlare and its direct peers, the attackers also attacked the core IX infrastructure on the London Internet Exchange (LINX), the Amsterdam Internet Exchange (AMS-IX), the Frankfurt Internet Exchange (DE-CIX), and the Hong Kong Internet Exchange (HKIX).  Cloudflare estimates the attackers were able to generate more than 300 Gbps of traffic.

A blog posting describes the attack:

See also