1. InfoconDB
  2. Black Hat
  3. Black Hat USA 2013
  4. Lessons from Surviving a 300Gbps Denial of Service Attack

Lessons from Surviving a 300Gbps Denial of Service Attack

Presented at Black Hat USA 2013, July 31, 2013, 10:15 a.m. (60 minutes)

On Saturday, March 23, 2013, a distributed denial of service (DDoS) attack against Spamhaus that had been growing for weeks culminated with over 300 Gigabits per second of attack traffic targeting the anti-spam organization's network. At that point it became the largest such attack ever reported in history - at least 4x the size of the attacks that crippled US banks just a few months earlier. The attackers launched the full range DDoS methods at Spamhaus - simultaneously targeting Layer 3, Layer 4, and Layer 7. Spamhaus has given us permission to tell the full, behind-the-scenes story of what happened, show how the attacks were launched, outline the techniques the attackers used, and detail how Spamhaus.com was able to stay online throughout. While the Spamhaus story has a happy ending, the massive DDoS exposed key vulnerabilities throughout the Internet that we will need address if the network is to survive the next, inevitably larger, attack.


Presenters:

  • Matthew Prince - CloudFlare, Inc.
    Matthew Prince (@eastdakota) is the co-founder & CEO of CloudFlare, the web performance and security company. Matthew wrote his first computer program at age 7 when his mom would sneak him in to university computer science courses. After attending law school, he worked as an attorney for one day before jumping at the opportunity to be a founding member of a tech startup. He hasn't looked back. CloudFlare is Matthew's third entrepreneurial venture. CloudFlare was named a 2012 Technology Pioneer by the World Economic Forum and selected by the Wall Street Journal as the Most Innovative Internet Technology company for the last two years running. Today, CloudFlare accelerates and protects more than 120 billion page views for over a million customers and more than 1.5 billion web visitors every month. Matthew holds a degree in English and Computer Science from Trinity College. He graduated with highest honors from the Harvard Business School where he was a George F. Baker Scholar and was awarded the Dubliner Prize for Entrepreneurship. He earned a JD from the University of Chicago and is a member of the Illinois Bar. He teaches technology law as an adjunct professor at the John Marshall Law School where he serves on the Board of Advisors for the Center for Information Technology and Privacy Law. He is also the co-creator of Project Honey Pot, the largest community of webmasters tracking online fraud and abuse. On the side, Matthew is a certified ski instructor, a former mountain guide, and a regular attendee of the Sundance Film Festival.

Links:

Similar Presentations: