DDOS

31 August 2016 at 2:12pm
The Board of European Regulators of Electronic Communications (BEREC) have now released the final version of their net neutrality guidelines, following a public consultation that received nearly half a million responses. These seem to have resulted in clarifications of the draft version, rather than any significant change of policy.
5 July 2016 at 8:32am
A new EU law, created earlier this year, requires public network providers to ensure "network neutrality" – roughly, that every packet be treated alike unless there are legitimate reasons not to.
5 April 2016 at 8:37am
Jisc often receives requests from customers asking to help assess the effectiveness of a security control (firewalls being the most common). Security controls can rarely be assessed in isolation since doing so requires an understanding of the risks that led to the control being selected. This causes obvious problems for measuring effectiveness if controls are implemented for “best practice” rather than identified needs.
20 July 2015 at 12:00pm
There's a tension between network neutrality - essentially the principle that a network should be a dumb pipe that treats every packet alike - and network security, which may require some packets to be dropped to protect either the network or its users. Some current attacks simply can't be dealt with by devices at the edge of the network: if a denial of service attack is filling your access link with junk then nothing you do at the far end of that link can help.
26 June 2014 at 10:10am
Time to move from the mechanics and policy of DNS replication to a new topic. Within the global DNS there are two roles that a server can play: ones that hold data - nameservers, and ones that fetch that data for clients - resolvers. Nameservers need to provide their data to the entire Internet whereas resolvers serve a small set of client systems.
25 June 2014 at 2:15pm
So you've designed your redundant architecture and ensured that your data is being replicated across it? All set? Not quite. Within your DNS configuration there are two timers that we frequently see misconfigured -  TTL values and the SOA expire value. Frequently we see these left at default a default of one day (86400 seconds). Whilst these may suit many organisations it's worth taking a closer look to make sure that they match your expectation for your DNS services.
2 April 2014 at 11:35am
We continue to monitor the effect of the filtering of large ntp packets (> 128 bytes) at the Janet borders. Where people have had concerns we've been working with them to make sure that their work is impacted as little as possible by this measure. The filtering has had a large reduction on the impact to Janet infrastructure but the current filtering limits still allow enough traffic through the Janet border to cause disruption for customers with 100Mb/s, or busy 1Gb/s, connections.
21 February 2014 at 2:10pm
The increasing frequency, number and size of ntp based DDoS attacks against Janet connected organisations has at times briefly degraded connectivity to sections of the network. Whilst we are able to react to these attacks as and when they occur, the impact upon our customers can be significant. This situation is far from unique to Janet - ISPs globally are struggling with this issue.
Network time protocol (ntp) servers are regularly being used to reflect and amplify spoofed UDP packets towards the target of a DDoS attack. Attacks are growing in size and frequency and sometimes even cause issues for the organisations hosting the reflectors. Servers offering the 'monlist' command are particularly troublesome and can provide a huge amplification affect.
5 December 2013 at 4:09pm
You can call CSIRT for help   If you suspect that your institution is suffering from a DDoS attack you can call on Janet CSIRT for assistance. We can help you understand and analyse the traffic, and in most cases can work with our network operations centre and transit partners to filter traffic. Where possible we work with other network providers to eliminate the sources of the attack.  
Subscribe to DDOS