At Staminus, we’re always thinking about cyber defense. We live and breathe network security as individuals and as a company, because we want to guard our customers. There is great value in proliferating knowledge and training about security to the next generation of Information Technology workers. That’s why we’re excited about programs like the National Collegiate Cyber Defense Competition (NCCDC) and the National Cyber League (NCL). These programs give students the opportunity to cut their teeth on security tools, and provide them a new perspective on software and networks.
It’s that time of year again, and the 64th meeting of NANOG is gearing up to start this June 1st through 3rd in San Francisco, CA! Hosted at the Westin St. Francis San Francisco, we look forward to seeing networking professionals, experts, and friends this next week. Staminus is proudly attending this year, with our own CEO Matt Mahvi presenting at the Security Track on Tuesday, June 2nd. Covering DDoS as it appears in media today and what we can expect out of it in the coming year, the presentation will feature our most recent data spanning the thousands of attacks we sustain weekly, as well as what we do here at Staminus to keep on top of the scaling problem of denial-of-service. You can sit down with us for the full coverage in Tower Salon A, or check out the NANOG YouTube for live streaming of the conference.
About NANOG: The North American Network Operators Group or NANOG, is the professional association for Internet engineering and architecture. Their core focus is on the technologies and systems that make the Internet function: core routing and switching; Internet inter-domain routing; the domain name system; peering and interconnection; and Internet core security. They also cover associated areas with a direct impact on Internet architecture such as data centers and optical networking.
We will also be hosting one of the breaks on Wednesday at 4pm in the Italian Room. Swing by the Staminus table for some info, to meet our team, and for some fun swag! We’re looking forward to seeing everyone there. Want to schedule a formal meeting? Contact us at firstname.lastname@example.org, and speak with one of our team members to arrange a time.
When working with DDoS mitigation, we find a lot of controversial clients who need protection from Denial of Service attacks. In the industry of cybersecurity, it isn’t uncommon for us to protect industries that are often politically and socially charged, or on the fringes of everyday people.
The internet has been a great boon for free speech worldwide, a home to everyone with platforms for journals, forums for communities, and a massive library for the collective knowledge of the web-connected world. We have seen some of the greatest economic growth in the last couple of decades fueled by the ready availability of information, and the digital space to build something out of it. A lot of this growth has created industry and homes for both special and conflicting interests that might otherwise be seen as subversive or distasteful in popular culture, whether that be for recent reasons or an age-old disagreement. What better way in our day and age is there to silence someone you distrust or disagree with than to remove their world platform?
It’s not just the fringe crowd either. Too often we hear about groups like a local government, local schools, even just the mom and pop shop down the street with their little website being hit by DDoS attacks for no other reason than someone would anonymously prefer that they were offline.
The Staminus Team will be heading up to lovely Santa Clara, CA for Velocity 2015, the conference to be at for companies large and small that are seeking reliable structure for their web presence. Most companies with outward-facing dynamic websites face the same challenges: pages must load quickly, infrastructure must scale efficiently, and sites and services must be reliable, without burning out the team or breaking the budget. Velocity is the best place on the planet for web ops and performance professionals to learn from their peers, exchange ideas with experts, and share best practices and lessons learned.
With the increasing volume of users online, small to large businesses are more dependent than ever on consistent uptime and a smooth user experience. We’re ready for the challenges of your network, with in-house designed technology, patented methods of detection and mitigation, and a staff with 15 years of experience. Staminus’ DDoS protection promises the least network disruption with our cloud and appliance solutions that make mitigating easy and painless. You can join our team at Booth #914 in the exhibition hall on May 28th and 29th for information, examples, and to ask our senior staff exactly how we do things better.
Want to have a meeting? Contact us! We’re happy to sit down with clients individually to give you a solid foundation on how we want to help you. You can reach us at email@example.com or by phone at 949-202-5305. For more information on Staminus and our DDoS protection, you can visit us here at staminus.net. To learn about Velocity and O’Reilly media conferences, check out their homepage and learn how you can attend. See you in Santa Clara!
I’ve written in the past about the Internet of Things and how it’s the greatest thing in the world that’s going to doom us with its proliferation. We’ll end up in a dystopian future where we all fight to the death for the pleasure of a select few in the Capital. I may be exaggerating a bit. In all seriousness though, we’ve already seen millions of these devices spread around the world. Every home router is another Internet connected device with its own operating system that needs to be secured. They have a CPU, ram, disk, and run a full system with services that can be exploited for the whims of a hacker. Cyber security has become more important than ever. DDoS protection companies and network security staff are going to be busy!
We’ve seen another of these vulnerabilities surface this month, in one of the things that seems to always crop up: routers.
WhiteHat Security Founder & CTO Jeremiah Grossman recently provided a neat infographic outlining the top vulnerability methods for websites, which for us shows a lot of room to grow in DDoS protection. We wanted to share it with you as it illustrates just how far we have to go in securing the web. What’s amazing to me is that 29% of websites are likely vulnerable to brute force! Open source firewalls like iptables are able to stop this using modules like conntrack, recent, and hashlimit. Most brute force attacks can be stopped without deep packet inspection. Incidentally, a basic level of DDoS protection can also be provided using these modules. After all, DDoS attacks are a type of brute force attack. The best part, the tools are free! You just need the hardware. With advancements in CPUs and network stacks, you can easily achieve millions of packets per second in iptables.
Insufficient transport security at 70% and Information leakage at 56% are not at all surprising. This is a great infographic for all website administrators. Take this and keep it pinned to your desktop. You can see the full report by visiting the WhiteHat Security website. Thanks Jeremiah for the great resource.
DE-CIX announced Tuesday that it had reached 4.080 Tbps on its peering platform this last Sunday. That’s quite an impressive number. The sheer volume of that traffic is immense and gives scope to the number of people conducting business and their daily lives on the Internet. Tied in with the millions who are contributing to that traffic, it also touches on the need for us to address cyber security that scales with the huge volume of use. With a growing Internet, we have a growing problem of intrusions, distribution of malware, viruses, botnets, an increase in spam and DDoS attacks.
It’s becoming ever more important for companies to connect to a peering platform to increase their connectivity across the world for performance and security. I commend DE-CIX on a wonderful job promoting their peering exchange and wish them the best for their New York exchange, which we are proud to be a part of. We look forward to connecting to more peers! Let the DDoS flow, we’ll protect against it with DE-CIX’s help.
-Matt Mahvi, CEO
The Obama administration recently launched a program to aid in the battle against overseas cyber criminals. Under the newly signed executive order, those cyber criminals can be sanctioned, having their assets and other financial transactions frozen. The order focuses on foreign nationals that launch cyber attacks that threaten U.S. interests. The program is fairly broad, and like many anti-terrorism laws, highly discretionary. The federal government is pulling out the stops to help the onslaught of what feels like a global cyber war on Western companies. Many have been crying for federal help. This is a step in that direction.
For many around the world, cyber security (especially DDoS mitigation) companies and the field of information security, this has very important ramifications. The potential overreach and compliance issues can have dramatic impact.
We’ve seen a new crop of DDoS attacks against school districts and universities this spring, to such an extent that many of these organizations are rescheduling their testing of students entirely. Notably amongst these have been Minnesota’s Department of Education, and again this week at Rutgers University, with the latter outage persisting through the weekend into the next week. It’s not confined to any particular region either, as we’re seeing things crop up in California, Colorado, Ohio, and other states.
But why the sudden onslaught? Sure, it’s testing season, and if the opportunity rises to cancel an exam, a student might be sorely tempted to make that happen. To some, it’s no different than pulling a fire alarm to burn time and in some respects, that’s exactly what it is. However, it doesn’t account for the frequency in comparison to the years prior, where DDoS was just as doable for an internet savvy student. Everything from YouTube instructions to walkthroughs have existed purely for this purpose for a few years now.
While we’ve covered the how and why of DDoS-ing schools and universities in a previous blog post, we thought it was interesting to revisit just how much we’ve seen it happening this year so far. We think the answer is likely simple, and surprisingly not technical. Convenience and awareness. Read More
A couple of months ago, I wrote an article about how the Great Firewall of China, due to a code glitch, ended up sending out massive DDoS attacks. This obviously spells danger if it falls into the wrong hands and is misused. Last week, GitHub fell prey to a large DDoS attack that caused intermittent issues with their service for over four days. What was this DDoS attack all about? Why did it happen?