Week, this is apparently a much "stronger" than normal attack. It's a Ddos, which means that it's distributed amongst a LOT of computers-most likely by some type of virus\trojan type of program that the host computers silently run.
With the right resources, they can be caught-but given the nature of the industry, don't hold your breath waiting for the US gov't to step in & end it.
If this happened to a major site in the US, it could most likely be stopped in a matter of hours-but the resources are MUCH different in other countries.
FWIW, Royal is hosted out of a true data center and that staff was ready before the attacks were directed at them. The attack was stopped in a very short period of time(I don't have specifics), but this may be a facility that is tough to get in CR, if available at all.
With the right resources, they can be caught-but given the nature of the industry, don't hold your breath waiting for the US gov't to step in & end it.
If this happened to a major site in the US, it could most likely be stopped in a matter of hours-but the resources are MUCH different in other countries.
FWIW, Royal is hosted out of a true data center and that staff was ready before the attacks were directed at them. The attack was stopped in a very short period of time(I don't have specifics), but this may be a facility that is tough to get in CR, if available at all.
TTinCO is right about hosting in a real data center, typically sportsbooks have a server room and have everything in there (mail/web/internal servers), the problem is that they rarely have the kind of computer experts that are needed to repel this kind of attack, they have programmers and the like but for a DDoS they need experts in routing protocols and most likely also help from their ISP (they need to block the flood one step before it hits them otherwise they are already in trouble so they would block it one "step" before it goes into their network)
In a datacenter they have those guys by the dozen as its their daily activity , here in CR its even worse because they is basically one ISP and who knows if they would help in something like this. Many sportsbooks use satellite links for their operations so in this case its up to that provider to help in blocking the attack.
In a datacenter they have those guys by the dozen as its their daily activity , here in CR its even worse because they is basically one ISP and who knows if they would help in something like this. Many sportsbooks use satellite links for their operations so in this case its up to that provider to help in blocking the attack.
<BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Originally posted by Java:
Here's an idea:
Change your site so that it points to the FBI site instead. This will trick the hackers into attacking the FBI site. The FBI will be all over their asses.
<HR></BLOCKQUOTE>
Best post of the day.
Here's an idea:
Change your site so that it points to the FBI site instead. This will trick the hackers into attacking the FBI site. The FBI will be all over their asses.
Best post of the day.
On site technical support can NOT deal with these attacks without the support of the USA based ISP supplying them with IP traffic.
Let's assume the hackers have 100 Mbps of bandwidth to attack with and the book has 50 Mbps then no amount of packet filtering is going to stop this attack. There is nothing left out of the 50 Mbps for any legimtimate traffic.
The only successful way to stop these attacks is to get the collaboration of the ISP on the US side. All the way to what we call a NAP (network access point). They have >1000 Mbps and can easilly absord the attack.
Let's assume the hackers have 100 Mbps of bandwidth to attack with and the book has 50 Mbps then no amount of packet filtering is going to stop this attack. There is nothing left out of the 50 Mbps for any legimtimate traffic.
The only successful way to stop these attacks is to get the collaboration of the ISP on the US side. All the way to what we call a NAP (network access point). They have >1000 Mbps and can easilly absord the attack.
either US or CR if the ISP is the CR one....... (which few books really use for their main site operations, don't have a clue why if the price of satellite bandwidth is soooooooooooooooo high) we are talking about 6k for a mere 512 kbps satellite link, either way the ISP must be able to coordinate help for their customers , it doesnt matter what ISP it is, they must be able to help
from what I know (I am not an expert, still studying
) the typical one is a trojan little program that can use your connection to flood a specific target (not long ago someone tried to do this to the site of microsoft that distributes the patches for microsoft products)
Once you have this trojan in say 3000 computers, odds are that say 1000 might have high speed connections that in the States for example can have an average of 256 kbps (its the upload part not the download speed that counts here)
so imagine 256 kbps times 1000 plus 33 kbps times 2000 and you have killed a normal site
also depending on how skilled the attacker is, he can "spoof" that is fake the ip that is sending the info , so you can't even trace the thousands of machines that are targetting you
There are many ways to mitigate these attacks and its not the first time that they happen
if you are interested take a look at this link http://grc.com/dos/drdos.htm (there is a 23 page paper on the subject), the explanation there is very complete and easy to understand so everybody knows what happens when these idiots start to attack
Once you have this trojan in say 3000 computers, odds are that say 1000 might have high speed connections that in the States for example can have an average of 256 kbps (its the upload part not the download speed that counts here)
so imagine 256 kbps times 1000 plus 33 kbps times 2000 and you have killed a normal site
also depending on how skilled the attacker is, he can "spoof" that is fake the ip that is sending the info , so you can't even trace the thousands of machines that are targetting you
There are many ways to mitigate these attacks and its not the first time that they happen
if you are interested take a look at this link http://grc.com/dos/drdos.htm (there is a 23 page paper on the subject), the explanation there is very complete and easy to understand so everybody knows what happens when these idiots start to attack
"from what I know (I am not an expert, still studying ) the typical one is a trojan little program that can use your connection to flood a specific target (not long ago someone tried to do this to the site of microsoft that distributes the patches for microsoft products)
Once you have this trojan in say 3000 computers, odds are that say 1000 might have high speed connections that in the States for example can have an average of 256 kbps (its the upload part not the download speed that counts here)
so imagine 256 kbps times 1000 plus 33 kbps times 2000 and you have killed a normal site
also depending on how skilled the attacker is, he can "spoof" that is fake the ip that is sending the info , so you can't even trace the thousands of machines that are targetting you"
Wolfie, 100% Correct
Once you have this trojan in say 3000 computers, odds are that say 1000 might have high speed connections that in the States for example can have an average of 256 kbps (its the upload part not the download speed that counts here)
so imagine 256 kbps times 1000 plus 33 kbps times 2000 and you have killed a normal site
also depending on how skilled the attacker is, he can "spoof" that is fake the ip that is sending the info , so you can't even trace the thousands of machines that are targetting you"
Wolfie, 100% Correct
