Staminus Blog

Articles, Thoughts, and Speculations from the Staff

The Controversial Web, and Protecting It From Denial of Service

By | Blog | No Comments

When working with DDoS mitigation, we find a lot of controversial clients who need protection from Denial of Service attacks. In the industry of cybersecurity, it isn’t uncommon for us to protect industries that are often politically and socially charged, or on the fringes of everyday people.

The internet has been a great boon for free speech worldwide, a home to everyone with platforms for journals, forums for communities, and a massive library for the collective knowledge of the web-connected world. We have seen some of the greatest economic growth in the last couple of decades fueled by the ready availability of information, and the digital space to build something out of it. A lot of this growth has created industry and homes for both special and conflicting interests that might otherwise be seen as subversive or distasteful in popular culture, whether that be for recent reasons or an age-old disagreement. What better way in our day and age is there to silence someone you distrust or disagree with than to remove their world platform?

It’s not just the fringe crowd either. Too often we hear about groups like a local government, local schools, even just the mom and pop shop down the street with their little website being hit by DDoS attacks for no other reason than someone would anonymously prefer that they were offline.

Read More

Staminus Brings the DDoS Protection to Velocity 2015

By | Updates | No Comments

velocity email banner-01

The Staminus Team will be heading up to lovely Santa Clara, CA for Velocity 2015, the conference to be at for companies large and small that are seeking reliable structure for their web presence. Most companies with outward-facing dynamic websites face the same challenges: pages must load quickly, infrastructure must scale efficiently, and sites and services must be reliable, without burning out the team or breaking the budget. Velocity is the best place on the planet for web ops and performance professionals to learn from their peers, exchange ideas with experts, and share best practices and lessons learned.

With the increasing volume of users online, small to large businesses are more dependent than ever on consistent uptime and a smooth user experience. We’re ready for the challenges of your network, with in-house designed technology, patented methods of detection and mitigation, and a staff with 15 years of experience. Staminus’ DDoS protection promises the least network disruption with our cloud and appliance solutions that make mitigating easy and painless. You can join our team at Booth #914 in the exhibition hall on May 28th and 29th for information, examples, and to ask our senior staff exactly how we do things better.

Want to have a meeting? Contact us! We’re happy to sit down with clients individually to give you a solid foundation on how we want to help you. You can reach us at or by phone at 949-202-5305. For more information on Staminus and our DDoS protection, you can visit us here at To learn about Velocity and O’Reilly media conferences, check out their homepage and learn how you can attend. See you in Santa Clara!

mike gieson (1)

Internet of Things: The Threat You Love That Keeps Coming Up

By | Blog, Tech News | No Comments

I’ve written in the past about the Internet of Things and how it’s the greatest thing in the world that’s going to doom us with its proliferation. We’ll end up in a dystopian future where we all fight to the death for the pleasure of a select few in the Capital. I may be exaggerating a bit. In all seriousness though, we’ve already seen millions of these devices spread around the world. Every home router is another Internet connected device with its own operating system that needs to be secured. They have a CPU, ram, disk, and run a full system with services that can be exploited for the whims of a hacker. Cyber security has become more important than ever. DDoS protection companies and network security staff are going to be busy!

We’ve seen another of these vulnerabilities surface this month, in one of the things that seems to always crop up: routers.

Read More

White Hat Security Statistics Report Shows Vulnerabilities to DDoS and More

By | Blog, Tech News | No Comments

WhiteHat Security Founder & CTO Jeremiah Grossman recently provided a neat infographic outlining the top vulnerability methods for websites, which for us shows a lot of room to grow in DDoS protection. We wanted to share it with you as it illustrates just how far we have to go in securing the web. What’s amazing to me is that 29% of websites are likely vulnerable to brute force! Open source firewalls like iptables are able to stop this using modules like conntrack, recent, and hashlimit. Most brute force attacks can be stopped without deep packet inspection. Incidentally, a basic level of DDoS protection can also be provided using these modules. After all, DDoS attacks are a type of brute force attack. The best part, the tools are free! You just need the hardware. With advancements in CPUs and network stacks, you can easily achieve millions of packets per second in iptables.

Insufficient transport security at 70% and Information leakage at 56% are not at all surprising. This is a great infographic for all website administrators. Take this and keep it pinned to your desktop. You can see the full report by visiting the WhiteHat Security website. Thanks Jeremiah for the great resource.

DE-CIX Reaches 4.080 Tbps of Peering Traffic

By | Blog | No Comments

Image Courtesy of DE-CIX

DE-CIX announced Tuesday that it had reached 4.080 Tbps on its peering platform this last Sunday. That’s quite an impressive number. The sheer volume of that traffic is immense and gives scope to the number of people conducting business and their daily lives on the Internet. Tied in with the millions who are contributing to that traffic, it also touches on the need for us to address cyber security that scales with the huge volume of use. With a growing Internet, we have a growing problem of intrusions, distribution of malware, viruses, botnets, an increase in spam and DDoS attacks.

It’s becoming ever more important for companies to connect to a peering platform to increase their connectivity across the world for performance and security. I commend DE-CIX on a wonderful job promoting their peering exchange and wish them the best for their New York exchange, which we are proud to be a part of. We look forward to connecting to more peers! Let the DDoS flow, we’ll protect against it with DE-CIX’s help.

-Matt Mahvi, CEO


david-lat (1)

Sanctions and Cyber Attacks: 2015 Brings Changes for DDoS

By | Blog | No Comments

The Obama administration recently launched a program to aid in the battle against overseas cyber criminals. Under the newly signed executive order, those cyber criminals can be sanctioned, having their assets and other financial transactions frozen. The order focuses on foreign nationals that launch cyber attacks that threaten U.S. interests. The program is fairly broad, and like many anti-terrorism laws, highly discretionary. The federal government is pulling out the stops to help the onslaught of what feels like a global cyber war on Western companies. Many have been crying for federal help. This is a step in that direction.

For many around the world, cyber security (especially DDoS mitigation) companies and the field of information security, this has very important ramifications. The potential overreach and compliance issues can have dramatic impact.

Read More

schoolsblog (1)

Academic Testing and DDoS: Why Schools Are Taking Hard Hits This Spring

By | Blog | No Comments

We’ve seen a new crop of DDoS attacks against school districts and universities this spring, to such an extent that many of these organizations are rescheduling their testing of students entirely. Notably amongst these have been  Minnesota’s Department of Education, and again this week at Rutgers University, with the latter outage persisting through the weekend into the next week. It’s not confined to any particular region either, as we’re seeing things crop up in California, Colorado, Ohio, and other states.

But why the sudden onslaught? Sure, it’s testing season, and if the opportunity rises to cancel an exam, a student might be sorely tempted to make that happen. To some, it’s no different than pulling a fire alarm to burn time and in some respects, that’s exactly what it is. However, it doesn’t account for the frequency in comparison to the years prior, where DDoS was just as doable for an internet savvy student. Everything from YouTube instructions to walkthroughs have existed purely for this purpose for a few years now.

While we’ve covered the how and why of DDoS-ing schools and universities in a previous blog post, we thought it was interesting to revisit just how much we’ve seen it happening this year so far. We think the answer is likely simple,  and surprisingly not technical. Convenience and awareness. Read More

firewall2-01 (1)

The Great Firewall of China: Fears Realized

By | Blog, Tech News | No Comments

A couple of months ago, I wrote an article about how the Great Firewall of China, due to a code glitch, ended up sending out massive DDoS attacks. This obviously spells danger if it falls into the wrong hands and is misused. Last week, GitHub fell prey to a large DDoS attack that caused intermittent issues with their service for over four days. What was this DDoS attack all about? Why did it happen?

Read More

SNMP Attacks: The Big Thing of Today

By | Blog | No Comments

servers-01 (1)

First, there was DNS. Open DNS resolvers were exploited to generate massive DDoS attacks. Over time, most of these open DNS resolvers were patched so that they would not reply to unknown DNS requests. Then, there was NTP. Just like DNS, but at a much larger amplification factor, DDoS attackers were able to generate very large attacks. And just like DNS, over time exploitable NTP servers were mostly patched, making it significantly harder to generate the huge attacks that were wreaking havoc on the Internet. Although DNS and NTP amplification attacks still exist, they are much harder to execute and are nowhere near as large as they used to be. But now, SNMP amplification attacks are on the rise.

Read More