Orange Polska tamed the beast. The client was extremely lucky
CERT Orange Polska becomes a new record access to the customer of the orange network. It helped to introduce the tool poisoned movement.
Warsaw client of the service Neostrada was the goal record DDoS style (Distributed Denial of Service) on the Orange Polska network. His strength was up 543.9Gbps. The previous search record for a stylish DDoS, which the operator informed on March 3, 2021. Characteristic strength 476.2Gbps.
The new record-breaking attack was thwarted by a filtering method BGP flow specification. At the end of 2018, CERT Orange Polska launched support for DDoS attack mitigation that does not require operator intervention, resulting in at the bottom of the “poisoned” traffic.
DDoS automitigation by BGP Flowspec consists of two elements. The first one is for a constant test of traffic from different places in the backbone network (analyzing from 1/1000 to 1/5000 of sent packets under special functions for DDoS). Although the specifying source address can be substituted (spoofed), it is not specified as a parameter describing network traffic. Properly placed vertically, they shell the authentic ones.
Information processing will automatically go to the routing table in all Orange backbone routers. Flowspec information overrides the default tables, depending on what, after recognizing “poisoned” traffic and sending information, an attempt to redirect to /dev/null in the examination/each element of the Orange Polska backbone network.
Perhaps there will be those of you who will think or say: “This is supposed to be someone else? What are you going for the record?”. mine not. To the criminal. We’re just doing our thing. And the industry knows this, considering that 90% of the market against DDoS is protected by Orange Polska.
– we read in CERT Orange Polska
Look: Poles’ money. All for a few liters
Look: Attack on T-Mobile customers. I think it’s news like this
Image credit: sylv1rob1 / Shutterstock.com, CERT Orange
Text source: CERT Orange