Did You Know?



Reply
Community Leader
Jasper_The_Rasper
Posts: 1,045
Registered: ‎06-12-2013

New DoS attacks taking down game sites deliver crippling 100Gbps floods

Recent denial-of-service attacks taking down League of Legends and other popular gaming services are doing more than just wielding a never-before-seen technique to vastly amplify the amount of junk traffic directed at targets. In at least some cases, their devastating effects can deprive celebrity game players of huge amounts of money.

As Ars reported last week, the attacks are abusing the Internet's Network Time Protocol (NTP), which is used to synchronize computers to within a few milliseconds of Coordinated Universal Time. A command of just 234 bytes is enough to cause some NTP servers to return a list of up to 600 machines that have previously used its time-syncing service. The dynamic creates an ideal condition for DoS attacks. Attackers send a modest-sized request to NTP servers and manipulate the commands to make them appear as if they came from one of the targeted gaming services. The NTP servers, which may be located in dozens or even hundreds of locations all over the world, in turn send the targets responses that could be tens or hundreds of times bigger than the spoofed request. The technique floods gaming servers with as much as 100Gbps, all but guaranteeing that they'll be taken down unless operators take specific precautions ahead of time.

 

Full Topic

Community Leader

Please use plain text.