[Icecast] Help attack DDOS

Roman romeo.r at gmail.com
Wed Jun 6 07:11:47 UTC 2018

2018-06-06 9:57 GMT+03:00 Yahav Shasha <yahav.shasha at gmail.com>:

> well, on a large enough scale, it won't matter even if the server drops
> them, it will clog the nic way before it even gets to the server..
Still you are right if we speak about super mega extra large scale of tcp
syn attack, but I've never actually seen them THAT big. Usually few
hundreds of bots running on cheap vps with 100 mbps shared connection,
which typical nowadays server might take care of on a 1 gbps port. TCP
requests are not that large to hit the nic at 1 gbps connection. It might
be like 1 mln or even more requests to kill it. To kill a 100 mbps port you
have to generate like somehow about 210 000 syn pps. Thats a lot. And for 1
gbps its like 2 100 00 pps. This should be really large botnet all over the
world, otherwise it will be kept down by and upstream provider, as they
don't like ddos also. If it would be that large this guy would be
blackholed on the bgp layer already.

Best regards,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xiph.org/pipermail/icecast/attachments/20180606/05ef3544/attachment.htm>

More information about the Icecast mailing list