Website Security – Interesting 65Gbps DDoS Case Study

The web can be a scary place with all sorts of website and internet security issues that may arise when you’re running a public facing site. Issues like cross site scripting, SQL injection, email harvesting, comment spam, DDoS attacks and others occur on a daily basis.

There are many different ways to combat these problems with varying levels of success. There is a huge industry of web security software and tools out there, and it is changing rapidly as cloud computing changes the underlying infrastructure. The one approach that does not work well (and never has) is the set-it-and-forget-it approach that many people use when they create a new site. Since website security is an on-going challenge, it’s best to use professional level services and stay up to date with everything. Unfortunately, some of these services can be quite pricey.

We take website security and performance very seriously and offer a range of services in these areas. We use multiple services and techniques to protect all of the public (and private) sites we create. One of the methods is a security service called CloudFlare, which we describe below before walking through a case study they published over the weekend. Here is a quick overview of the service: CloudFlare is a quickly growing, venture capital backed web security and performance start-up.

CloudFlare presently serves over 65 BILLION (yes Billion, not Million) pageviews a month across their network of sites they support.

Here is some perspective on their size from a VentureBeat article: “We do more traffic than Amazon, Wikipedia, Twitter, Zynga, AOL, Apple, Bing, eBay, PayPal and Instagram combined,” chief executive Matthew Prince told VentureBeat. “We’re about half of a Facebook, and this month we’ll surpass Yahoo in terms of pageviews and unique visitors.”

They have a great list of features:

  • Managed Security-As-A-Service
  • Completely configurable web firewall
  • Collaborative security and threat identification – Hacker identification
  • Visitor reputation security checks
  • Block list, trust list
  • Advanced security – cross site scripting, SQL injection, comment spam, excessive bot crawling, email harvesters, denial of service
  • 20+ data centers across globe
  • First-level cache to reduce server load and bandwidth
  • Site-level optimizations to improve performance

Over the weekend they had some interesting events happen in their European data centers and wrote a couple of blog posts about it. Linked here and summarized below:

What Constitutes a Big DDoS?

A 65Gbps DDoS is a big attack, easily in the top 5% of the biggest attacks we see. The graph below shows the volume of the attack hitting our EU data centers (the green line represents inbound traffic). When an attack is 65Gbps that means every second 65 Gigabits of data is sent to our network. That’s the equivalent data volume of watching 3,400 HD TV channels all at the same time. It’s a ton of data. Most network connections are measured in 100Mbps, 1Gbps or 10Gbps so attacks like this would quickly saturate even a large Internet connection.


To launch a 65Gbps attack, you’d need a botnet with at least 65,000 compromised machines each capable of sending 1Mbps of upstream data. Given that many of these compromised computers are in the developing world where connections are slower, and many of the machines that make up part of a botnet may not be online at any given time, the actual size of the botnet necessary to launch that attack would likely need to be at least 10x that size.


In terms of stopping these attacks, CloudFlare uses a number of techniques. It starts with our network architecture. We use Anycast which means the response from a resolver, while targeting one particular IP address, will hit whatever data center is closest. This inherently dilutes the impact of an attack, distributing its effects across all 23 of our data centers. Given the hundreds of gigs of capacity we have across our network, even a big attack rarely saturates a connection.


At each of our facilities we take additional steps to protect ourselves. We know, for example, that we haven’t sent any DNS inquiries out from our network. We can therefore safely filter the responses from DNS resolvers. We can therefore drop the response packets at our routers or, in some cases, even upstream at one of our bandwidth providers. The result is that these types of attacks are relatively easily mitigated.


What was fun to watch was that while the customer under attack was being targeted by 65Gbps of traffic, not a single packet from that attack made it to their network or affected their operations. In fact, CloudFlare stopped the entire attack without the customer even knowing there was a problem. From the network graph you can see after about 30 minutes the attacker gave up. We think that’s pretty cool and, as we continue to expand our network, we’ll get even more resilient to attacks like this one.

Link to original post: http://blog.cloudflare.com/65gbps-ddos-no-problem
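The filtering step CloudFlare describes above (drop inbound DNS responses when you know your network never sent the matching queries) can be expressed as a small stateful edge filter. The code below is an added illustration written for this post, not CloudFlare’s code; the filter class, the constructed DNS messages and the resolver addresses are all hypothetical.

```python
import struct
from dataclasses import dataclass, field

DNS_PORT = 53  # UDP port that reflected/amplified DNS responses arrive from


@dataclass
class UnsolicitedDnsFilter:
    """Hypothetical ingress filter: remember the DNS queries our network sent,
    and drop any inbound DNS response that does not answer one of them."""
    outstanding: set = field(default_factory=set)  # (resolver_ip, txid) pairs
    dropped_bytes: int = 0                         # attack volume stopped at the edge

    @staticmethod
    def parse_header(payload: bytes):
        """Return (txid, is_response) from the 12-byte DNS header, or None."""
        if len(payload) < 12:
            return None
        txid, flags = struct.unpack("!HH", payload[:4])
        return txid, bool(flags & 0x8000)  # QR bit set means this is a response

    def note_outbound(self, dst_ip, dst_port, payload):
        """Record a query we actually sent so its answer is allowed back in."""
        hdr = self.parse_header(payload)
        if dst_port == DNS_PORT and hdr and not hdr[1]:
            self.outstanding.add((dst_ip, hdr[0]))

    def accept_inbound(self, src_ip, src_port, payload) -> bool:
        """True = let the packet through, False = drop it at the router."""
        hdr = self.parse_header(payload)
        if src_port != DNS_PORT or hdr is None or not hdr[1]:
            return True  # not a DNS response, outside this filter's scope
        key = (src_ip, hdr[0])
        if key in self.outstanding:
            self.outstanding.discard(key)
            return True  # answer to a query our network really sent
        self.dropped_bytes += len(payload)
        return False  # unsolicited (reflected) response: drop it


def dns_message(txid, response, size):
    """Constructed DNS message: a real header padded to the given size."""
    flags = 0x8180 if response else 0x0100
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0).ljust(size, b"\0")


def demo():
    f = UnsolicitedDnsFilter()
    f.note_outbound("198.51.100.1", 53, dns_message(0x1234, False, 40))
    legit = f.accept_inbound("198.51.100.1", 53, dns_message(0x1234, True, 120))
    # Constructed flood: large responses from resolvers we never queried
    reflected = [f.accept_inbound("203.0.113.%d" % i, 53, dns_message(0xBEEF, True, 3000))
                 for i in range(10)]
    return legit, reflected, f.dropped_bytes
```

In practice the same decision is pushed into router ACLs or upstream provider filters, as the post notes, so the flood never reaches the customer.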

The big takeaway for us is that we’re in a better spot by using CloudFlare. There are very few security software tools or services out there that would be able to handle this sort of attack, mitigate it and then describe it in such a short period of time.


Freelance Designer Job Opportunity

We’re looking for freelance Graphics Designers!!!!!

Solid Logic Technology Inc. (SLTI) is a ‘virtual’ web and mobile application development company founded in early 2011. We’re based in Birmingham, MI but work out of remote offices across the globe. Our projects are cloud-based and ‘social’ in some way and integrate with Facebook, Twitter, Tumblr, 500px, Instagram, Flickr or other Web 2.0 sites. We’re growing and want to expand our artistic and graphics design team. We’re currently looking for freelance designers with experience in web graphical design, mobile app graphical design & print design.

Benefits for you:

  • Very competitive pay rates
  • Flexible work hours & times
  • Relaxed work environment – Work from your home office/coffee shop/wherever – no office to drive to
  • Use new/emerging technologies and techniques
  • Minimal bureaucracy, red tape or busywork

Requirements of you:

  • Undergraduate degree in Graphics Design, Web Design, Art, or similar experience
  • Experience and knowledge in various platforms of design including web, mobile and print
  • Be current and up to date with web & mobile UI/UX design trends, techniques, etc.
  • A current copy of your portfolio available online or in PDF form
  • Must be an effective communicator. Must be able to communicate design concepts, ideas and reasons for choices to SLTI management and clients
  • Ability and means to effectively present work in person or remotely (i.e. TeamViewer6, Webex, Skype, etc.)
  • Self-Motivated and able to meet deadlines
  • Personal laptop computer (current Mac or PC) and high-speed internet connection
  • Adobe Creative Suite CS4 or higher (Photoshop, InDesign, Illustrator, Dreamweaver, etc.)

How to Apply:

  • Email us at artcareers@solidlogic.com and we’ll be in touch with you. Include the following items with your email:
  • A current résumé and copy of your portfolio (in PDF form or link to it online).
  • Your time availability (hours per week, general days of the week and time of day)
  • Anything else on why you would be the ideal candidate for the position

Solid Logic Technology Inc. Company Overview & Background:

  • Solid Logic Technology Inc. (SLTI) is a ‘virtual’ web and mobile application development company founded in early 2011 by two experienced IT professionals.
  • SLTI partners have a combined 25+ years of software development experience across numerous industries
  • We use a distributed development model – We have no physical offices. All employees work remotely
  • We embrace lean start-up concepts and focus on constant learning and improvement.
  • Most of our employees (outside of managing partners) are freelance contractors
  • We develop both client projects (contract development) and internal properties that we then launch and manage
  • Our clients include established names and brands as well as new start-ups
  • We are very selective in the clients and client projects we take on – we don’t need to take a project in order to ‘pay the bills’
  • We love to build applications using emerging technology, design methods and functionality
  • Our value to clients is that we can provide enterprise-level software design and development skills, lean IT & startup expertise with unmatched flexibility and expertise
  • All of our IT infrastructure is in the cloud – SLTI has no physical data center to manage. All client and internal projects and information are securely stored in the cloud

Who is Solid Logic Technology Inc. (SLTI)?

As you may have noticed, our website has been updated over the past few days. We thought this would be a good time to answer some questions. This post should give you a good idea of who we are and where we are headed.

We’re a Birmingham, Michigan based mobile application development start-up founded by two entrepreneurs – Eric Detterman and Ron Redmer – who love technology and have spent their entire careers around it. We have developed web software, mobile apps, trading systems (stock, commodities, and currencies), photography systems, call center software, technology for the defense industry and many other things. We have personally been involved in pretty much everything related to the IT industry – software development (coding in most major programming languages and even some obscure ones), software development management (in-house, outsourced, offshore, etc.), hardware virtualization, ‘cloud computing’, advanced technologies, etc. Click here to view our management team bios.

Solid Logic Technology Inc. uses software and technology as a means to an end – it allows us to accomplish some goal for ourselves or our clients. We build software to do cool things with mobile phones, cloud-based web servers and other cutting edge technology. We try to align ourselves with the leaders in the IT industry – Apple, Google, Amazon, Facebook, Twitter, etc. We focus on bringing thought leadership and value to each client project. We have managed internal data centers before but don’t anymore – everything we do runs securely in the cloud so we don’t have to think about it very much. This frees us up to focus on creating software.

What is SLTI going to blog about?

We’re going to blog about quite a few different topics. We’re going to use the blog as a way to communicate things we’ve learned throughout our careers and some of the cool things we come across day to day. We’re going to have some posts specific to the work we do and some complex software and technology items for the geeks, and we’ll also have a lot of things for everyone else too.

Business and Non-Technical Ideas

    • ‘Lean’ start-up concepts (http://en.wikipedia.org/wiki/Lean_Startup)
    • Outsourcing and ‘Virtual Assistants’ – Business, Personal, Lifestyle
    • How to improve the workplace with technology and process improvements
    • How to work the same amount of time and get more done
    • IT Industry trends, reviews and commentary
    • Smart-Phone and Mobile Tablet Industry trends, reviews and commentary
    • Common software development errors
    • What works and what doesn’t work in software development projects
    • How to explain highly technical items to people who don’t care about or don’t understand the technical aspects
    • How to eliminate information overload (i.e. 200+ emails daily!)
    • Software and business risk reduction
    • IT software & service provider selection process
    • Our community involvement

Technical Ideas

    • New Technology – programming languages, techniques, development environments, virtualization
    • Cloud computing
    • iOS, iPhone, iPad, Android and Blackberry app development concepts
    • Mobile app and web integration
    • Open Source and proprietary software analysis
    • Software and tool reviews

So far these are our ideas. If you have any other ideas or suggestions, feel free to drop them in a comment or contact us. Since we’re still making changes and improvements to the site, please subscribe to the blog so we can keep you up to date with our progress.