[ISN] DDoS Packets are Two Percent of Net Traffic, Report Says

From: InfoSec News (alerts@private)
Date: Wed Apr 02 2008 - 22:24:37 PST


http://blog.wired.com/27bstroke6/2008/04/ddos-packets-ar.html

By Ryan Singel 
Threat Level
Wired.com
April 02, 2008 

One out of every 50 packets on the internet is malicious junk intended 
simply to clog the tubes, according to a high level traffic analysis by 
Arbor Networks.

Distributed Denial of Service attacks or DDoSes aim to bring a site down 
by bombarding it with fake requests for a web page or image. It's like 
having 1,000 people continually crank calling a company -- the real 
customers can't get through.

Arbor now says those attacks account for about two percent of internet 
traffic, with peaks of up to five percent.

Some DDoSes are spurred by online grudges, such as the ones that 
occasionally target the anti-phishing site CastleCops or the large one 
launched against Estonian targets by Russian nationalists last year. 
Others are launched by cyber-criminals as part of an extortion attempt 
against an online retailer.

The attacks can be very effective, especially when launched using a 
zombie army of compromised computers known as a bot-net. But networking 
experts have learned some very effective ways to mitigate attacks by 
finding ways to filter out good traffic from the bad.

Arbor says its sensing network seeing some 1300 Denial of Service 
attacks a day. That network has been collecting traffic data for the 
last 18 months, and now is regularly getting data on almost 1.5 Tbps, a 
significant slice of internet traffic.

By contrast, email composes around 1-1.5 percent of internet traffic.

So, while two percent surely is an intriguing number and points to a 
genuine net security concern, it's hard to see cybarmageddon! on the 
horizon.

Some think that a really big DDoS, perhaps launched by the Chinese 
military, will devastate the country in an electronic Pearl Harbor. 
Threat Level remains highly doubtful.

But some people with power say the craziest things.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Wed Apr 02 2008 - 22:32:31 PST