jm + gizmodo   2

Flashback: How Yahoo Killed Flickr and Lost the Internet
This is about the best tech journalism I've ever read on Flickr. nice one Mat Honan
gizmodo  flickr  acquisition  mergers  yahoo  corporate-culture  mat-honan  tech  journalism 
may 2013 by jm
One of CloudFlare's upstream providers on the "death of the internet" scare-mongering
Having a bad day on the Internet is nothing new. These are the types
of events we deal with on a regular basis, and most large network
operators are very good at responding quickly to deal with situations like
this. In our case, we worked with Cloudflare to quickly identify the
attack profile, rolled out global filters on our network to limit the
attack traffic without adversely impacting legitimate users, and worked
with our other partner networks (like NTT) to do the same. If the attacks
had stopped here, nobody in the "mainstream media" would have noticed, and
it would have been just another fun day for a few geeks on the Internet.

The next part is where things got interesting, and is the part that nobody
outside of extremely technical circles has actually bothered to try and
understand yet. After attacking Cloudflare and their upstream Internet
providers directly stopped having the desired effect, the attackers turned
to any other interconnection point they could find, and stumbled upon
Internet Exchange Points like LINX (in London), AMS-IX (in Amsterdam), and
DEC-IX (in Frankfurt), three of the largest IXPs in the world. An IXP is
an "interconnection fabric", or essentially just a large switched LAN,
which acts as a common meeting point for different networks to connect and
exchange traffic with each other. One downside to the way this
architecture works is that there is a single big IP block used at each of
these IXPs, where every network who interconnects is given 1 IP address,
and this IP block CAN be globally routable. When the attackers stumbled
upon this, probably by accident, it resulted in a lot of bogus traffic
being injected into the IXP fabrics in an unusual way, until the IXP
operators were able to work with everyone to make certain the IXP IP
blocks weren't being globally re-advertised.

Note that the vast majority of global Internet traffic does NOT travel
over IXPs, but rather goes via direct private interconnections between
specific networks. The IXP traffic represents more of the "long tail" of
Internet traffic exchange, a larger number of smaller networks, which
collectively still adds up to be a pretty big chunk of traffic. So, what
you actually saw in this attack was a larger number of smaller networks
being affected by something which was an completely unrelated and
unintended side-effect of the actual attacks, and thus *poof* you have the
recipe for a lot of people talking about it. :)

Hopefully that clears up a bit of the situation.
bandwidth  internet  gizmodo  traffic  cloudflare  ddos  hacking 
march 2013 by jm

Copy this bookmark:



description:


tags: