Explanation - What is happening!? (Network Engineer)
- Thread starter Defeated
- Start date
Yes, and those companys DONT PREVENT the attacks because thats impossible, they are scrubbing it and thats another word for absorbing them.
So yes the solution is to have more BW then the attackers, if not you can prove me wrong with a post about it.
Also, Minority Report is not real, thats a movie
Yes, and those companys DONT PREVENT the attacks because thats impossible, they are scrubbing it and thats another word for absorbing them.
So yes the solution is to have more BW then the attackers, if not you can prove me wrong with a post about it.
Also, Minority Report is not real, thats a movie
Scrubbing is not absorbing. These services offer high level detection, interruption, mitigation and prevention techniques using proprietary hardware and software at SoCs around the globe. Traffic becomes rerouted (can also always be routed through) to these centers once an elevated security threat is discovered. This can happen before an attack even approaches it's destination (when referring to variable rerouting, not fixed), in some situations. Can I ask what type of experience you have regarding this matter?
Also, I'm not quite sure I understand the reference to Minority Report, although, I don't believe I've seen the movie.
Edit: I ask what kind of experience you have regarding this matter, not to insult you, but because we can continue a discussion regarding network security in much more detail if I knew the extent of your knowledge.
Bandwidth consuming attacks are seen as only a small fraction of all "high level" network security threats.
If you want to educate yourself a little more - Incapsula and Arbor are two of the biggest names regarding this type of deployment/infrastructure/protection.
Last edited:
gotmilk0112
New Member
- Joined
- May 2, 2016
A lot of things happened, that people never thought would happen.
They don't necessarily NEED to add those to legacy realms.
Nothing on the store existed in vanilla, so really, adding them to a legacy realm would be going against the concept of legacy realms.
Diablo 2 isn't implemented into the bnet launcher, but that's still being supported.
Releasing an "updated vanilla" would kinda go against the idea of releasing a "vanilla" server in the first place, because it woudln't truly be 1.12 vanilla, it'd be a patch *similar* to vanilla. If the "mechanics" are "updated", then it's not vanilla anymore.
As for bugs, honestly, I wouldn't mind if they fixed some of the more major bugs from vanilla, but obviously there would be contention as to what bugs should get fixed and what bugs should stay, and arguments over "blizzlike" thrown around.
That's like saying "Diablo 2 makes Diablo 3 look bad".
They're two different games.
As long as Blizzard makes a clear distinction between retail and "legacy", there should be no problems.
It's been noted many times already that people playing vanilla/TBC realms aren't subbed to retail in the first place, so......yeah
Last edited:
For anyone who's interested in learning abit more about dos attacks; look up "Three generations of DDoS attacks" by Sam Browne @ DEFCON from 2011 on youtube. Some methods might not be as relevant today but he explains it very well on layman terms. He also does some demonstrations with the audience.
Link.
Link.
The thing you just described are absorbing.
I highlighted your text, when you re-route the traffic to another network that network absorbs the attack and take the hit instead, that network still need more BW then the attacker to be able to re-route the traffic because if you dont have that the router that will do the re-routing will die, simple as that.
Yes, Scrubbing is absorbing because you absorb all the traffic and let clean and good traffic thru, so you still need 300Gbps of BW to handle a 300Gbps attack if you want to scrub the traffic.
I dont think you really know how this works, there are no magical hardware that cleans traffic from 100Gbps attack hosted on a 10Mbps connection, you always need a bigger pipe then the attacker to do that, everyone with common sense knows this.
OVH for example has a Arbor that can manage 160Gbps attacks, if you attack a OVH server with over 200Gbps that server will get nullrouted if not there arbor will be down and other servers will get attacked/disconnect from the internet, its simple math, 1+1=2.
Minority Report, you cant PREVENT an attack, the attack will always go off.
Time travel has not been invented yet.
<span tabindex="-1" id="result_box" class="short_text" lang="en"><span class="">[video=youtube;lG7DGMgfOb8]https://www.youtube.com/watch?v=lG7DGMgfOb8[/video]
Last edited:
Maxcorpious
New Member
- Joined
- Apr 27, 2016
- Location
- Pennsylvania USA
Cloudflare has Anycast network... they have the capability to absorb (thin out) the attack... so a 300Gbps attack can be divided across their infrastructure. But... it still sucks that these R-tards are DDoS'ing our WoW server... may they burn in Hell.
Yes, but there network are larger then 300Gbps and they are a service created for handling attacks against webservers. Cant really compare webservers with gameservers either.
It's not a single network that all traffic is rerouted to, so no, they are not "absorbing" the attack. The attack never happens. It is deamplified, discarded, dropped before it can reach any level of network crippling potential. The attack only happens if all packets manage to reach a single source (target), this is when the bandwidth is overloaded/consumed.
There is on-premise hardware to put inline. Arbor is only one of the companies offering these solutions or, sometimes proprietary software to integrate with specific Cisco products. Again I ask, what kind of experience do you have regarding this topic? I'm gathering not much from your attempted explanations.
You talked about bandwidth, when in reality, this has nothing to do with how these solutions work.
Last edited:
So, you mean a network that only has 100Mbps capacity can stop a 300Gbps attack if they use the correct hardware?
I mean if the BW has nothing todo with this, please can you explain how? Our company would save hundreds of thousands of dollars every month.
Right now i think you are trolling me
Also, if i fire a gun against you but i miss(or if your friend throws himself infront of you), have i not attacked you?
Last edited:
Maxcorpious
New Member
- Joined
- Apr 27, 2016
- Location
- Pennsylvania USA
Oh, ok... I didn't know the crackers were sending over 300Gbps traffic... although it could be divided across the reverse proxy's network. Let's just hope it's better than what Twinstar had previously, since now the URL is pointing to the new Name Servers. Anyhoo... can't wait 'til we can play again.
Maxcorpious
New Member
- Joined
- Apr 27, 2016
- Location
- Pennsylvania USA
Great video. Thanks.
So, you mean a network that only has 100Mbps capacity can stop a 300Gbps attack if they use the correct hardware?
I mean if the BW has nothing todo with this, please can you explain how? Our company would save hundreds of thousands of dollars every month.
Right now i think you are trolling me
Also, if i fire a gun against you but i miss(or if your friend throws himself infront of you), have i not attacked you?
I'm not trolling you and to be quite honest, I'm done talking to you about it. I can tell you're one of those people that doesn't like to be wrong, which I can most certainly guarantee, you are. You also clearly do not have any knowledge or understanding regarding the subject, you wouldn't be trying to argue your bandwidth point to me if you did. I deploy and support Arbor Network solutions daily. It is one critical aspect out of the many duties my job entails.
If you want a detailed explanation as to how such services (ex. Arbor Network's solutions) work, I recommend you browse their website and read the information which is publicly available.
Here's a short, informative video to help get you started.
https://www.youtube.com/watch?v=yvaZZWwjJH0
Last edited:
So, i guess you are firstline support pressing a button
You were not able to argue my point so i guess im right and you wrong.
See you.
Last edited:
Other than what is on the respective vendor's website, they do not publicly divulge inner workings or deep technical details on a level which I assume you are looking for. Some vendors do offer (Arbor Networks) instructor lead training/certifications. However, this is not as simple as just signing yourself up. It is quite expensive, requires a great deal of prior knowledge, expertise and experience and ultimately requires them to approve of your request to attend. They are very selective. It's aimed primarily toward partnered MSSP (Managed Security Service Providers) or internal security teams of large companies who utilize the products. They all must be approved/vetted and sign/agree to the terms laid out prior to the training taking place (Noncompete/Nondisclosure).
At the end of the day, this is IP (Intellectual Property) which is safeguarded and proprietary to each vendor.
The layered based systems I talked about in this post;
Are relatively new solutions and completely custom built. Before 2010, there was no such record of any DDoS attack ever reaching 100+Gbp/s. As such, the need never existed for this. Strong inline hardware systems were MOST OFTEN capable of the mitigation themselves.
The best way to learn about how something like this would work or could work, is to become familiar with many different fields (Security, Analytics, Cloud Computing, Infrastructure..) in great detail, drawing your own conclusions from logic and hands on experience. There are lots of different methodologies any one company could draw from, utilize, package together or build up. Sorry I can't give you anything more than that.