The internet-threatening DDoS

At the time, it was a large attack, sending 85Gbps of traffic. Since then, the attack got much worse. Here are some of the technical details of what we’ve seen.

via The CloudFlare blog.

This is a fascinating insight into one of the largest DDoS attacks ever recorded.  For reference, most DDoS attacks hover around the 10 – 50 Gbps (Gigabits per second) mark.  Anything over 100 Gbps is really major.  This attack was peaking at over 300 Gbps.  300 Gbps is roughly the equivalent of watching 10,000 1080p TV streams simultaneously.  It’s a lot of data.

It’s also interesting that once the attackers understood that they couldn’t take Spamhaus down by attacking them directly, they went after some of the core pillars of the internet.  This has caused me some issues over the last few days, along with many others.

Another interesting point to note is that people, including Cloudflare and Professor Alan Woodward of Surrey University, have very publicly warned of potential issues around the ways DNS servers are configured.  Those configurations allow a technique known as DNS reflection to amplify attacks massively, potentially tripling the volume of data being pushed through.

There’s a chilling warning at the end of the Cloudflare post:

What’s troubling is that, compared with what is possible, this attack may prove to be relatively modest.

If you want a bit of background as to why Spamhaus are being targeted, and who they’re likely to be targeted by, Ars Technica has a good write-up.