[nsp-sec] Any intel on DDoS attack that impacted HE

[Nicholas Ianelli]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sent a mail over to some HE guys, wondering if anyone else had any
insight into this.

Appears there was an attack on the 29th (according to their Twitter
feed, lasted ~20 minutes).

Then another attack on October 3rd that appears much more severe:


https://lists.mayfirst.org/pipermail/service-advisories/2011-October/000292.html

Appears to have impacted at least UK, Delaware, Boston and California
regions.


We've received the following update from our upstream provider,
Hurricane Electric, regarding last night's outage:

- ---

On October 3rd we experienced a large attack against multiple core
routers on a scale and in ways not previously done against us. We had
various forms of attack mitigation already in place, we have added more.
It was all fixable in the end, just the size and number of routers
getting attacked and the figuring out what attacks were doing what to
what took some time. The attack mitigation techniques we've added will
be left in place. We are continuing to add additional layers of security
to increase the resiliency of the network.

Because the attackers were changing their methods and watching how their
attacks were responded to, we are not at liberty to elaborate on the
nature of the security precautions taken.


Cheers,
Nick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk6MYqsACgkQi10dJIBjZICQygCgm+i2TVg15e1bz5uxSNq8DLcJ
BVMAoKZkZNZg7EL/KltuprMkE5Q0rvKl
=Mfw7
-----END PGP SIGNATURE-----