The rise of multivector DDoS attacks
The blog post discusses various types of Layer 3/Layer 4 DDoS attacks that have occurred since the last write-up on this topic. It mentions a gigantic SYN flood in April, which was notable for its large size and global distribution. The attack seemed to be partially spoofed with random source IP addresses. Apart from the gigantic SYN floods, the author also talks about common SYN floods coming mainly from Asia, reaching 600-650 Gbps. Additionally, the blog post discusses the decline of SSDP and memcached amplification attacks, which were previously considered significant threats. The author notes that "multivector" amplifications have become more common recently, where attackers pool different amplification types to generate substantial traffic. The overall perspective is that while volumetric attacks still happen, they are less frequent and smaller in scale compared to a few years ago.
Company
Cloudflare
Date published
Nov. 12, 2018
Author(s)
Marek Majkowski
Word count
873
Hacker News points
None found.
Language
English