Bitcoin | Actual target of Biggest DDoS to CloudFlare

One of the biggest Distributed denial of service attacks recorded to date was to CloudFlare’s data centers in the UK. And probably bitcoin.

CloudFlare CEO Matthew Prince said on twitter that the traffic generated by the attack was about 400Gbps. The DDoS exploited the ntp protocol running on udp port 123. The attack was cleaverly exicuted by the attacker/s sending only a few packets with a spoofed source address to a “reflector” and that device would then generate traffic to its target. Large amounts of traffic.

I personally think the target was Bitcoin. There are many bitcoin servers hosted with cloudflare. The DDoS was most likely not intended to bring down cloudflare, as cloudflare boasts about their great DDoS mittigation technologies. With the recently exploited vulnerability with some bitcoin transacions, it would be rather easy for those exploits to be taken advantage of while everything else is slow and all the attention is focused on the DDoS.

Some more info and reading about Cloudflare DDos and Bitcoin here:

http://siliconangle.com/blog/2014/02/11/cloudflare-ceo-predicted-the-monster-eu-400-gbps-ddos-attack/

http://www.propertycasualty360.com/2014/02/12/bitcoin-hit-by-largest-ever-ddos-attack

IPv6 will allow them to track you down. Not!

image from iftf.org.
http://www.iftf.org/future-now/article-detail/science-hack-day-sf/
image from iftf.org. http://www.iftf.org/future-now/article-detail/science-hack-day-sf/
image from iftf.org.
http://www.iftf.org/future-now/article-detail/science-hack-day-sf/

I’ve always been interested in network security and how it is possible to track someone, break in somewhere, use ports for back doors etc. This article is about the ability to track a person by their IPv6 address. There are lots of ways that one can be tracked with an ipv4 address. I think that ipv6 will be more difficult to track than the “experts” make it out to be. And if I am wrong, there will very quickly be a way to mislead the “authorities” the same way as it is done today with ipv4.

 

Network World – There has been a surge of questions of late regarding IPv6 and whether it can be used to better identify individuals on the Internet.  Everyone from marketeers to law enforcement officials seem to hold the same misconception that IPv6 is going to make it possible to expose people in a way that IPv4 does not.

It is true that IPv6 will change addressing on the Internet.  Many of us hope it restores the ability to identify an actual network endpoint — a feature that we lost a number of years ago in IPv4.  But some appear to be imagining a future where each machine has its very own address, and that these addresses will be easily traced whenever a person visits a website, plays a game online, or even opens an email.

In fact, IPv6 actually has features that are designed to foil these sorts of plans. Also, because of the enormous IPv6 address space, it’s rather unlikely that a single machine will have a single IPv6 address.

To make sense of the discussion, we need some history.

As the world started to run out of IPv4 addresses (which is some time ago now), two things happened. First, we changed the way that addresses were given out, so that fewer addresses would be allocated at a time. Second, NAT (Network Address Translation) was invented.

A NAT is a mechanism where one network address is mapped to another address. For example, in your home network you might have a cable modem. It probably has one “public” IPv4 address: an address that is routable on the Internet. You probably have some sort of gateway or router (like a wireless access point). That gateway gives out addresses to your tablet, your phone, your Xbox, and so on. Each of these devices gets an address, usually one from a special “private” range specified in RFC 1918.

Article source: Network World

5 Steps to Securing Your Windows

Most people are aware that there are continuous security issues with Microsoft’s Windows operating system and other programs. However, what most people do not realize is how easy it is to significantly improve your computer’s security and reduce the likelihood of becoming a victim to ever increasingly sophisticated threats that lurk on the internet. These steps should take less than a couple of hours to complete and should not clean out your wallet.

Continue reading “5 Steps to Securing Your Windows” »