Posted on 12/09/2015 7:32:50 PM PST by dayglored
Ah, I had spoofing confused with using a VPN.
Dark Ages 2.0 is descending upon us. Continual warfare and destruction of Mediterranean trade routes took the rise of European civilization off line for hundreds of years. Now the same circumstances have sprung up. In both instances - infighting among the affected parties kept them from fixing the problem.
For the non-geeks:
Bookmark
209.157.64.200
&
209.157.64.201
Both’ll get you to FR without regard to DNS server problems. As well, you can get to other sites via their IP addresses. Domain Name Servers resolve the web address to the IP. When DNS fails for any reason, websites don’t load but usually will via IP.
This will get other IPs if you don’t know how to use your cmd interface
http://www.ip-tracker.org/
Create a separate folder for all your go-to websites via IPs with the name of the link being the URL and the shortcut address being the IP; it only takes minutes and reduces your reliance on tech that will ultimately fail again and cause you “Not found” or “Error” et al...
Thanks!
Fr ip
Bookmark
209.157.64.200
&
209.157.64.201
Interesting timing with the meeting coming up next week. The message is: the only viable defense against a DDoS attack is cooperation and to cut it off before it can get to the intended target. Once your network interfaces are flooded with traffic, there’s not much you can do, the wire/fiber’s bandwidth is full. The only real way to prevent/stop them is distributed just like the attack. Prevent or limit the amount of traffic you’re willing to forward. The anti-spoofing helps because it means you can effectively filter out the bots doing the attack.
It’s difficult to protect against a DDoS. There has to be a balance between security and functionality. The root servers are VERY busy and are not actually servers but farms of them. To jam up an entire DNS farm takes a very concerted effort.
I've assumed that for at least the last (say) decade, that the root servers are a widely-distributed, load-balanced farm, the sort of thing that supports Google's DNS and website, Wikipedia, Windows Update, and other high-capacity sites. Folks like Akamai have the facilities.
Which is why I found the news item about a successful DDoS against three root servers to be so interesting, and concerning. As you point out, one doesn't pull off a big DDoS without planning and trying very hard.
Well, you can have the biggest farm of servers on the planet, but if your pipe isn’t very big, it’s pretty simple to clog it with traffic.
The sole US-based root server, the “G” server, is located in Chicago and is in a locked rack in a lights-out datacenter. That means nothing when your ingress points are susceptible to clogging, which I suspect is part of the reason we’ve had these problems.
China ? Russia ? Iran ? Obama Regime ? Israel? Heretofore unknown hacker group ? White Hats? Black Hats?
Remember, and repeat after me, anonymous hackers are really big heroes.
An Administration that couldn't create a web page to sell a product like health insurance might not be capable of understanding how important the issue is...
Liberal elites think they're smart because they have "airs, attitudes, and tone"... but little else. They're fools.
These are scary times.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.