

Ask HN: Scale of real-life DDoS attacks? - alexkon

What was the biggest DDoS attack you have ever encountered? How many gigabits per second? Packets per second? How many unique source IP addresses? How long did it last?<p>The peak number of real (non-spoofed) source IPs is also very interesting. I wonder whether it is feasible to automatically maintain a blacklist of offending IPs that managed to establish a TCP connection (and are thus real).
======
willvarfar
Its old but GRC had a write-up about the attacks against them and infiltrating
the bots: <http://www.crime-research.org/library/grcdos.pdf>

I couldn't find the originals on GRC website anymore:
<http://www.grc.com/default.htm>

If I recall, after that writeup, GRC was knocked off the web by a BGP attack
or something...

------
Joakal
The best attack vector is usually Apache. Nonetheless, the records I heard are
from Akamai:

Peak: 300,000 unique IPs, 795,000 page views/s, 98,000 unique views/s, 200Gbps
[0].

[0] <http://wwwns.akamai.com/rsa_2011/RSA_NOCC_DDoS.pdf>

------
dmk23
I have not encountered DDoS attacks directed at my own properties, but I had
domains hosted on Namecheap that were hit when their DNS got DDoS'd a few
times last year.

There is plenty of coverage of this if you just do a search:
[http://www.google.com/search?gcx=c&sourceid=chrome&i...](http://www.google.com/search?gcx=c&sourceid=chrome&ie=UTF-8&q=namecheap+dns+ddos)

------
alexkon
I have collected some reports on DDoS sizes here:
[https://code.google.com/p/googleappengine/issues/detail?id=6...](https://code.google.com/p/googleappengine/issues/detail?id=6000#c1)

