Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

4/2/2008
10:06 AM
George V. Hulme
George V. Hulme
Commentary
50%
50%

Only 2% Of Internet Traffic is 'Raw Sewage'

This figure, recently touted by Arbor Networks, strikes me as very low.

This figure, recently touted by Arbor Networks, strikes me as very low.According to a recent posting by Arbor Networks, which is monitoring ISP traffic in a data sharing program, the company is seeing about 1,300 distributed denial-of-service attacks a day. About 1 million since they started monitoring about 18 months ago.

The data sharing program has some reach, with 68 separate ISPs participating, and with more than 140,000 interfaces. They say traffic peaks at about 1.5 Tbps on the 1,300 routers it tracks. (Yes, there seems to be a 1 to 1 correlation between the number of attacks and the number of routers in the program . . . ).

But for their nearly two years of effort, they're not showing much. Like, for instance, attack frequency drops significantly on Christmas Day, New Year's Eve, and New Years Day. . . . Fascinating . . .

They also found IRC servers are the most common targets "although those attacks are usually lower-scale and not as well distributed as larger attacks," the post states. What do you think? These are kids attacking the IRC command and control centers of their friends' botnets? That's my suspicion.

Also, DDoS attacks account for ~1-3% for the inter-domain traffic. There have been occasional peaks above 5%. While not inconsequential, this amount certainly isn't going to threaten the service levels of any major IPS.

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-16123
PUBLISHED: 2020-12-04
An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement. This could be exploited by...
CVE-2018-21270
PUBLISHED: 2020-12-03
Versions less than 0.0.6 of the Node.js stringstream module are vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream (when using Node.js 4.x).
CVE-2020-26248
PUBLISHED: 2020-12-03
In the PrestaShop module "productcomments" before version 4.2.1, an attacker can use a Blind SQL injection to retrieve data or stop the MySQL service. The problem is fixed in 4.2.1 of the module.
CVE-2020-29529
PUBLISHED: 2020-12-03
HashiCorp go-slug before 0.5.0 does not address attempts at directory traversal involving ../ and symlinks.
CVE-2020-29534
PUBLISHED: 2020-12-03
An issue was discovered in the Linux kernel before 5.9.3. io_uring takes a non-refcounted reference to the files_struct of the process that submitted a request, causing execve() to incorrectly optimize unshare_fd(), aka CID-0f2122045b94.