As opposed to the public telephone network, the internet has a Packet Switched design. But just how big can these packets be?
Last month we shared statistics on some popular reflection attacks. Back then the average SSDP attack size was ~12 Gbps.
Recently Akamai published an article about CLDAP reflection attacks. This got us thinking. We saw attacks from Connectionless LDAP servers back in November 2016 but totally ignored them because our systems were automatically dropping the attack traffic without any impact.
We extensively monitor our network and use multiple systems that give us visibility including external monitoring and internal alerts when things go wrong.
Recent headline grabbing DDoS attacks provoked heated debates in the DNS community. Everyone has strong opinions on how to harden DNS to avoid downtime in the future. Is it better to use a single DNS provider or multiple?