DDoS Packet Forensics: Take me to the hex!
January 06, 2015 11:10 PM
A few days ago, my colleague Marek sent an email about a DDoS attack against one of our DNS servers that we'd been blocking with our BPF rules....
How to ensure your server's software stays secure?
March 17, 2014 10:37 AM
At CloudFlare, security is on the top of our minds. We are always looking for ways to better secure the data we are entrusted with and improve the security of our customers' websites. ...
It's Go Time on Linux
March 05, 2014 12:00 AM
Some interesting changes related to timekeeping in the upcoming Go 1.3 release inspired us to take a closer look at how Go programs keep time with the help of the Linux kernel. Timekeeping is a complex topic and determining the current time isn’t as simple as it might seem at first glance....
Technical Details Behind a 400Gbps NTP Amplification DDoS Attack
February 13, 2014 1:00 AM
On Monday we mitigated a large DDoS that targeted one of our customers. The attack peaked just shy of 400Gbps. We've seen a handful of other attacks at this scale, but this is the largest attack we've seen that uses NTP amplification....
Understanding and mitigating NTP-based DDoS attacks
January 09, 2014 4:00 PM
Over the last couple of weeks you may have been hearing about a new tool in the DDoS arsenal: NTP-based attacks. These have become popular recently and caused trouble for some gaming web sites and service providers....
MORE POSTS
July 30, 2013 8:20 AM
DDoS Prevention: Protecting The Origin
One of the many great features that CloudFlare provides is protection from Distributed Denial of Service (DDoS) attacks. A malicious party who wants to make your website or web service unavailable could try to overwhelm it with requests from compromised machines (or bots) all aro...
- By
March 27, 2013 4:35 PM
The DDoS That Almost Broke the Internet
The New York Times this morning published a story about the Spamhaus DDoS attack and how CloudFlare helped mitigate it and keep the site online. The Times calls the attack the largest known DDoS attack ever on the Internet....
- By
March 20, 2013 6:26 PM
The DDoS That Knocked Spamhaus Offline (And How We Mitigated It)
At CloudFlare, we deal with large DDoS attacks every day. Usually, these attacks are directed at large companies or organizations that are reluctant to talk about their details. Sometimes a customer is willing to let us tell their story....
- By
March 03, 2013 1:47 PM
Today's Outage Post Mortem
This morning at 09:47 UTC CloudFlare effectively dropped off the Internet. The outage affected all of CloudFlare's services including DNS and any services that rely on our web proxy....
- By
February 22, 2013 9:12 PM
Good Web Security News: Open DNS Resolvers Are Getting Closed
This has been a rough week in the security industry with big attacks and compromises reported at companies from Facebook to Apple. ...
- By
December 21, 2012 3:41 AM
Hackers love the holidays
Looking at the latest DDoS attack statistics from CloudFlare's network, it seems that hackers love the holidays....
- By
October 30, 2012 7:54 AM
Deep Inside a DNS Amplification DDoS Attack
A few weeks ago I wrote about DNS Amplification Attacks. These attacks are some of the largest, as measured by the number of Gigabits per second (Gbps), that we see directed toward our network....
- By
September 17, 2012 8:17 PM
How to Launch a 65Gbps DDoS, and How to Stop One
Yesterday I posted a post mortem on an outage we had Saturday. The outage was caused when we applied an overly aggressive rate limit to traffic on our network while battling a determined DDoS attacker. ...
- By
August 28, 2012 5:44 PM
Turning "I'm Under Attack" into "I'm Doing Some Good"
CloudFlare's I'm Under Attack mode allows our customers to, at the click of a button, tell us that they are experiencing an attack and enable automatic protection. It works by slowing down visits to the web site that's under attack and performing extra work to identify malicious ...
- By
August 16, 2012 8:58 AM
Saturday Night Fever: Layer 7 attacks against CloudFlare sites
Recently, I've taken a look at DDoS attacks against CloudFlare sites at the IP level and the source of those attacks. The worst time for those DDoS attacks is the Wednesday Witching Hour and because of source IP address forgery most of the attacks seem to come from Mars. ...
- By
August 06, 2012 2:06 PM
Mars Attacks!
Following on from my recent post about when attacks hit CloudFlare, here's a follow up looking at where they come from. Or at least where they say they come from. Looking at attack statistics for the month of July 2012 the largest source of attacks is Mars....
- By
August 03, 2012 3:06 PM
The Wednesday Witching Hour: CloudFlare DoS Statistics
Data from inside CloudFlare's network shows that over 40% of the time there's a denial of service attack happening and directed at us. And that's just up to network layer 4 (i.e. it doesn't include more sophisticated attacks targeting applications themselves at layer 7)....
- By
December 21, 2011 11:04 PM
2011: The Year of the DDoS
As the year comes to a close, we've been assembling trend data for 2011. One of the most interesting has been the rise of denial of service (DDoS) attacks. Controlling for CloudFlare's growth, we've seen a 700% increase in DDoS attacks over the course of the year....
- By
November 16, 2011 6:59 PM
SOPA Could Create New Denial of Service Attack, Powered by Law not Botnets
The United States House of Representatives is considering the Stop Online Piracy Act, known as SOPA. Companies including Google, Zynga, Facebook, Yahoo, AOL, and Mozilla, along with organizations like the Electronic Frontier Foundation (EFF) have been sharply critical of the law....
- By