Blog

FFIEC Suggests Use of Third Party DDoS Mitigation Service – Requires Banks to Fight DDoS

Apr 4, 2014 by

Network World reports that financial institutions regulated by the federal government must protect themselves from distributed denial of service (DDoS) attacks. These attacks can cripple their networks and affect large numbers of users worldwide.

The unexpected decision came from the Federal Financial Institutions Examination Council (FFIEC), which released a notice defining the steps it requires banks and other financial institutions to follow. These include IT risk assessment, traffic analysis, attack detection, and overall incident preparation.


Whitepaper Series – True Cost of DDoS Attacks for Hosting Companies

Mar 18, 2014 by

Online hosting, including data center co-location, dedicated server hosting, cloud hosting, infrastructure as a service (IaaS), and shared hosting operations, supports hundreds of millions of websites and other associated Internet-facing application services around the world. Research firms predict that the total market for hosting will grow from $76.9B in 2010 to about $210B in 2016.


Let’s consider a typical hosting company with $10M in annual revenue, a 99.99% SLA, and an SLA policy that provides 1 day of credit for a breach. A DDoS attack arrives against a customer on this network. This DDoS attack is over 100 Gbps in size so it easily exceeds the total network capacity. The attack lasts 48 hours. In this scenario, the staff will likely take up to 30 minutes to detect the attack manually. They then blackhole the destination IP, taking the customer down. The customer could be some online retail portal that has annual revenues of $5M and pays the hosting company $240,000 per year in fees. By being down for two days, the retail portal loses about $28,000. The hosting company loses $240,000 and about $27,000 in SLA credits. The total financial impact is $295,000.

Read more by downloading our new whitepaper:

Staminus – Whitepaper Series – True Cost of DDoS for Hosting.pdf


DNS SRV: Making It More Difficult to DDoS Your Minecraft Server, and How to Bypass It

Mar 17, 2014 by

Staminus, through its sister company Intreppid, hosts quite a few Minecraft servers! We have come to understand Minecraft and other games fairly well. There are certain techniques that can help game hosts reduce their DDoS mitigation cost. This particular technique leverages DNS SRV. It’s easy to implement, but also easy to circumvent.

DNS SRV is defined in RFC 2782 (http://tools.ietf.org/html/rfc2782). It allows a DNS entry to contain a protocol and port, making it easier to give users just a hostname, such as hub.game.com, and have that DNS record contain the protocol (TCP) and port (25565) of the game, as well as a round-robin list of backend hubs. In this case, the hubs can be BungeeCord, developed by our good friend MD5 over at SpigotMC (http://www.spigotmc.org/).


The Age of Amplified DDoS Attacks – Smurf, Bang, DNS, NTP, and WordPress!

Mar 13, 2014 by

In recent months, we have seen an onslaught of DDoS attacks that leverage existing Internet technology to amplify the power and ultimate impact of the attack. I covered devastating NTP amplification in https://blog.staminus.net/mitigating-80-gbps-attacks-ntp-amplification-attacks-on-the-rise and powerful DNS amplification in https://blog.staminus.net/mitigation-of-attacks-exceeding-40-gbps. These were also covered by the popular technical blog Ars Technica and others. The basic idea behind amplified DDoS is:

  1. Widespread vulnerability
  2. Spoof the target

This technique is certainly not new. Historically, amplification has been used extensively in DDoS attacks. What is new, however, is that these attacks are now affecting more people worldwide than ever before. Coupled with the widespread adoption of the Internet we’ve seen in the past few years, this is a devastating combination.


Juniper: Staminus Protects Customers From Cyberattacks with a Terabit Scale Network

Feb 5, 2014 by

Juniper recently did a case study on Staminus. The challenge many networks face today is to create a scalable, high-performance infrastructure to connect customers to security systems and protect them from 100Gbps and beyond DDoS attacks. To tackle this challenge, we selected Juniper for their array of high performance, high density, and scalable routing and switching platforms. The result: the Staminus global backbone and world-leading DDoS mitigation network.

Read more at: http://www.juniper.net/us/en/local/pdf/case-studies/3520500-en.pdf


The Myth About Content Delivery Networks (CDN) – Why More Nodes Don’t Matter!

Jan 23, 2014 by

Modern CDNs pride themselves on having as many nodes as possible. For example, they’ll throw up nodes in San Diego, Los Angeles, San Jose, San Francisco, Phoenix, and Las Vegas just for the southwestern United States. This is great and the work they put in is certainly admirable. It’s neither easy nor cheap to bring up that many nodes. They then turn around and advertise that their latency is some presumably important percentage better than that of competitors with a few fewer nodes.

The map below illustrates this. It serves as a global example of a modern CDN. This is a relatively small CDN. Bigger CDNs include Akamai, Level3, and Limelight.

cdn_many_nodes


Long Term DDoS Attacks – Hidden Cost of Appliances and Benefits of Insurance

Jan 20, 2014 by

We have posted several articles on the new threat of NTP floods, the quadrupling of attacks in 2013, and the complexities of mitigating large attacks over 40 Gbps. These articles discuss attack bursts that can cripple global networks, but fail to discuss the financial impact of long-term DDoS attacks. Mitigating an attack may be technologically feasible, but mitigating it for an extended period of time can carry dramatic costs.


Mitigating 80 Gbps Attacks – NTP Amplification Attacks on the Rise

Jan 9, 2014 by

The recent wave of attacks on EA, Riot Games, Blizzard, Valve, and many others in the past few weeks has utilized a very uncommon attack technology. These attacks are similar in nature to DNS amplification attacks, which we wrote about back in September. Those attacks leveraged misconfigured DNS servers to launch very large attacks. We’re now faced with a similar situation.


DDoS mitigators finally recant faith in appliances

Jan 9, 2014 by

Recent press releases demonstrate several major DDoS mitigation companies switching from an appliance-based method to a cloud-based method of DDoS mitigation.

“Arbor Networks has branched out into services, offering Arbor Cloud DDoS protection service – a global DDoS cleaning service which works in conjunction with on-premise Arbor Pravail equipment to provide multi-layered defence.” – Techday [1]

In a press release earlier this year [2], Radware also announced their entry into the cloud DDoS mitigation space.

Staminus has been providing cloud-based DDoS mitigation since 1998, and has continued to be at the forefront of this emerging technology. Let’s examine why Staminus has chosen a cloud-based method since the beginning.


Staminus Now Offers Managed Backup!

Nov 29, 2013 by

Staminus is proud to announce its latest service offering: Managed Enterprise Backup, available for all dedicated servers! Managed backups allow our professional storage and security experts to manage all of your critical infrastructure backup needs.

Our managed backup system is built using Idera CDP and our Enterprise-grade SAN, capable of over 100,000 IOPS. Enterprise backup offers the following advantages over traditional archiving and copy procedures:

  • Full System Backup: Data files, MySQL databases, file system structure, partition tables, and even the MBR are all backed up and verified daily
  • Lightning Fast Restore: Enterprise-grade storage and gigabit networks mean your backup and restore processes are as efficient as possible
  • 100% Managed: Idera CDP and our professional admin team handle 100% of the backup process, from setup to maintenance and monitoring
  • Bare Metal Restore: In the event of a complete hardware failure, our team can provision an identical server and restore your machine to its last verified backup point
  • 5 Recovery Points: Backups are archived on a rolling basis, meaning you can restore from any backup point within the previous 5 days from your initial restore request
