Author: Tom Bienkowski

503 “Service Unavailable” … Busy Server or DDoS Attack?

503 “Service Unavailable” …Ever receive this error code from one of your web servers?

How about this in your log files?

TCP   192.168.3.102:34678      91.128.45.2:443      ESTABLISHED

TCP   192.168.3.102:34680      198.23.78.45:80      ESTABLISHED

TCP   192.168.3.102:34685      40.33.75.45:443      TIME_WAIT

TCP   192.168.3.102:34696      40.33.75.45:443      TIME_WAIT

TCP   192.168.3.102:34705      91.13.15.23:443      TIME_WAIT

TCP   192.168.3.102:34715      91.13.15.23:443      TIME_WAIT

Busy server? Maybe not. It could be the result of an application-layer DDoS attack.

Read more

No Sooner Did the Ink Dry… A 1.7Tbps DDoS Attack Makes History

In January 2018 NETSCOUT Arbor published our 13th Annual Worldwide Infrastructure Report (WISR 2018).

This year’s report noted that the largest DDoS attack was 650 Gbps; which was down from the prior year of 800 Gbps.  The report also noted that though the largest DDoS attack was 650Gbps, the overall mix of attack sizes is still shifting up.  For example, this year the percentage of attacks over 1 Gbps has increased to 22%, growing three years in a row.

No sooner had the ink dried on WISR 2018, did we encounter a 1.7Tbps DDoS attack!

Read more