Seenthis
•
 
Identifiants personnels
  • [mot de passe oublié ?]

 
  • #a
  • #ak
  • #aka
RSS: #akamai

#akamai

  • #akamai_targeting_geolocation_network_connection
  • @etraces
    etraces @etraces ART LIBRE 26/09/2018
    1
    @laquadrature
    1

    GAFA : « Il faut prendre la Bastille numérique »
    ▻https://www.alternatives-economiques.fr/gafa-faut-prendre-bastille-numerique/00086228

    Ils bousculent tout sur leur passage. Les GAFA (pour Google, Apple, Facebook et Amazon) ont pris le contrôle d’un monde numérique en expansion continue. Leur emprise soulève une opposition croissante de la part des citoyens comme des gouvernements, que ce soit parce que ces entreprises évitent massivement l’impôt, ou parce que l’économie de plate-forme qu’elles instaurent bouleverse les règles d’organisation de notre économie. Comment les pouvoirs publics peuvent-ils réagir ? Sébastien Soriano, à la (...)

    #Apple #Google #Amazon #Facebook #Uber #Netflix #Deliveroo #algorithme #travail #domination #données #solutionnisme #BigData #GAFAM #Akamai #ARCEP #France_Telecom #Orange #GooglePlayStore #AppleStore #Android #iOS (...)

    ##terms

    https://www.alternatives-economiques.fr/sites/default/files/public/styles/for_social_networks/public/field/image/rea_255102_025.jpg

    etraces @etraces ART LIBRE
    Écrire un commentaire

  • @nhoizey
    Nicolas Hoizey @nhoizey CC BY-NC-SA 4/08/2017

    Akamai Content Targeting
    ▻https://community.akamai.com/community/web-performance/blog/2016/03/16/content-targeting-a-basic-introduction

    “Akamai maintains a database of information about IP addresses around the world which we refer to as our Edgescape data. The Content Targeting module uses this Edgescape data. An EdgeServer can add the requesting user’s geographic location, network, connection speed, etc to a request header, and insert this into the forward request to your origin. The information in the header enables you to target the response for that particular user in any way you like.”

    #Akamai_targeting_geolocation_network_connection

    • #Akamai
    Nicolas Hoizey @nhoizey CC BY-NC-SA
    Écrire un commentaire

  • @reflets
    Reflets [RSS] @reflets 24/06/2017

    #Le_Pistolet_et_la_Pioche S01E03 : Internet se meurt-il ?
    ▻https://reflets.info/le-pistolet-et-la-pioche-s01e03-internet-se-meurt-il

    Le Pistolet et La Pioche aime se poser des questions. Et celle-là, même si elle peut paraître un peu bizarre, nous intéresse. Alors pourquoi ne pas poser la question à un spécialiste du grand bazar […]

    #AFNIC #Akamai #Bortzmeyer #CDN #cloud #cloudflare #DNS #Dyn #mort_d'Internet #Surveillance_de_masse
    ▻https://reflets.info/wp-content/uploads/LPLPS01E03.mp3


    ▻https://reflets.info/wp-content/uploads/LPLPS01E03.ogg

    Reflets [RSS] @reflets
    Écrire un commentaire

  • @erratic
    schrödinger @erratic 24/10/2016

    NewWorldHackers & Anonymous are behind the massive DDoS attack against Dyn DNS service, using the Mirai bonnet and other booters

    ▻http://securityaffairs.co/wordpress/52583/hacking/dyn-dns-service-ddos-3.html

    When I asked which Anon groups were involved they replied me that many crews targeted the Dyn DNS service.
    “Anonymous, Pretty much all of Anonymous” sais NewWorldHackers.
    They confirmed me that they are testing the capability of their botnet, highlighting that the DDoS attack against the Dyn DNS Service was carried with the Mirai botnet alongside with other booters.

    #DDoS #botnet #Mirai
    #NewWorldHackers #Anonymous
    #Dyn #DNS
    #IoT

    • #Akamai
    • #DNS
    schrödinger @erratic
    • @erratic
      schrödinger @erratic 24/10/2016

      Statement by Dyn

      ▻http://hub.dyn.com/static/hub.dyn.com/dyn-blog/dyn-statement-on-10-21-2016-ddos-attack.html

      We can confirm, with the help of analysis from Flashpoint and Akamai, that one source of the traffic for the attacks were devices infected by the Mirai bonnet. We observed 10s of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack.

      #Flashpoint #Akamai

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 24/10/2016

      Krebs’s view on this

      ▻https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage

      “The issue with these particular devices is that a user cannot feasibly change this password,” Flashpoint’s Zach Wikholm told KrebsOnSecurity. “The password is hardcoded into the firmware, and the tools necessary to disable it are not present.

      #XiongMai

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 24/10/2016

      Rumours about extorsion

      ▻http://www.networkworld.com/article/3133751/security/extensive-ddos-attack-against-dyn-restarts-could-indicate-a-new-use-of

      Cunningham [director of cyber operations for A10 Networks] says he’s seen chatter on underground forums indicating that the attackers tried to extort Bitcoin from Dyn by threatening the attacks, and when the provider didn’t pay up, launched them. He says Dyn seems to be doing a pretty good job of mitigating the effects relatively quickly.

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 24/10/2016

      Lengthy and interesting article by #Level3 on Mirai, containing information on the C2s (command & control servers) and the structure of the botnet

      ▻http://blog.level3.com/security/grinch-stole-iot

      By analyzing the communication patterns of the Mirai C2 IP addresses, we were able to identify and enumerate Mirai’s infrastructure. This analysis was later confirmed accurate when the Mirai source code was released.

      http://blog.level3.com/wp-content/uploads/2016/10/Figure-3-Mirai.jpg

      #gafgyt

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 24/10/2016

      The Mirai source code

      ▻https://github.com/jgamblin/Mirai-Source-Code

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 24/10/2016

      Chinese firm admits its hacked DVRs, cameras were behind [Dyn DNS] massive DDOS attack

      ▻http://www.pcworld.com/article/3134039/hacking/chinese-firm-admits-its-hacked-products-were-behind-fridays-massive-ddos-at

      Hangzhou Xiongmai Technology, a vendor behind DVRs and internet-connected cameras, said on Sunday that security vulnerabilities involving weak default passwords in its products were partly to blame.

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 9/11/2016

      DDos On Dyn Used Malicious TCP, UDP Traffic

      ▻http://www.darkreading.com/attacks-breaches/ddos-on-dyn-used-malicious-tcp-udp-traffic-/d/d-id/1327309

      Scott Hilton, executive vice president of product for Dyn, in a blog post said the attackers employed masked TCP and UDP traffic via Port 53 in the attack as well as recursive DNS retry traffic, “further exacerbating its impact,” he said.

      [...]

      He noted that the DNS traffic sent in the DDoS attacks also generated legitimate DDoS retry traffic, making the attack more complicated to parse, and the attack generated ten- to 20 times the normal DNS traffic levels thanks to malicious and legit retries.

      “During a DDoS which uses the DNS protocol it can be difficult to distinguish legitimate traffic from attack traffic,” he said in the post. “When DNS traffic congestion occurs, legitimate retries can further contribute to traffic volume. We saw both attack and legitimate traffic coming from millions of IPs across all geographies.”

      schrödinger @erratic
    Écrire un commentaire

  • @erratic
    schrödinger @erratic 8/10/2016
    2
    @fil
    @biggrizzly
    2

    More on Mirai, and more than Mirai

    ▻http://www.securityweek.com/mirai-iot-botnet-not-only-contributor-massive-ddos-attack-akamai

    Akamai says Mirai was not alone:

    While Akamai confirmed that the Mirai botnet was part the attack, the company also said that Mirai was only “a major participant in the attack” and that at least one other botnet might have been involved, though they couldn’t confirm that the attacks were coordinated.

    Akamai refers to Mirai as Kaiten and has it documented here:
    ▻https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/kaiten-std-router-ddos-malware-threat-advisory.pdf

    More on the released source code of Mirai which confirms the use of GRE flooding, one of the techniques used on top of DNS Water Torture:

    ▻http://www.securityweek.com/hacker-releases-source-code-iot-malware-mirai

    A copy of the source code files provided to SecurityWeek includes a “read” where the author of Mirai explains his reasons for leaking the code and provides detailed instructions on how to set up a botnet.

    [...]

    Mirai, believed to have made rounds since May 2016, infects IoT devices protected by weak or default credentials. Once it hijacks a device, the threat abuses it to launch various types of DDoS attacks, including less common UDP floods via Generic Routing Encapsulation (GRE) traffic.

    This was proven through reverse-engineering by
    ▻http://cyberx-labs.com/en/blog/cyberx-reveals-gre-evidence-krebs-iot-based-attack-largest-ddos-interne

    It is still GRE is still an uncommon attack vector, but it was already used during the 2016 Rio games
    ▻http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/how-a-massive-540-gbsec-ddos-attack-failed-to-spoil-the-rio-olympics

    For some French, see also here:
    ▻https://seenthis.net/messages/530903

    #Mirai #Kaiten
    #Akamai
    #DDoS
    #Brian_Krebs
    #OVH
    #GRE
    #DNS_Water_Torture

    • #Akamai
    schrödinger @erratic
    • @erratic
      schrödinger @erratic 8/10/2016

      What cameras, IoT and DVR devices are taking part of Mirai ?

      https://krebsonsecurity.com/wp-content/uploads/2016/10/iotbadpass-pdf.png

      from Krebs:

      ▻https://krebsonsecurity.com/2016/10/who-makes-the-iot-things-under-attack

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 8/10/2016

      ▻http://www.forbes.com/sites/thomasbrewster/2016/10/07/chinese-firm-xm-blamed-for-epic-ddos-attacks/#5b59fcd33bf5

      But one researcher, Flashpoint’s Zachary Wikholm, today claimed to have found a single Chinese firm, Hangzhou XiongMai Technologies (XM), that shipped flawed code allowing the perpetrators to potentially amass nearly half a million bots for their malicious network.

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 8/10/2016

      Interesting article by F5 which goes in a bit more detail about the two types of GRE flood attacks (Ethernet and IP based)

      ▻https://f5.com/about-us/news/articles/mirai-the-iot-bot-that-took-down-krebs-and-launched-a-tbps-ddos-attack-on-ovh-21

      They also make a reference to the origin of the Mirai name:

      It seems that the bot creator named his creation after a Japanese series “Mirai Nikki (The Future Diary)” and uses the nickname of “Anna-senpai” referring to the “Shimoneta” series.

      https://f5.com/Portals/1/Images/News/blogs/mirai-inspiration.JPG

      schrödinger @erratic
    • @sandburg
      Sandburg @sandburg CC BY-SA 8/10/2016

      Default password for most popular devices.
      www.phenoelit.org/dpl/dpl.html

      admin 123456
      admin password
      Cisco Cisco
      login password
      root password
      …
      Le plus drole :
      Administrator changeme

      Sandburg @sandburg CC BY-SA
    • @erratic
      schrödinger @erratic 8/10/2016

      Here are the 61 passwords that powered the Mirai IoT botnet
      ▻http://www.csoonline.com/article/3126924/security/here-are-the-61-passwords-that-powered-the-mirai-iot-botnet.html

      http://images.techhive.com/images/article/2016/10/mirai_botnet_passwords-100685646-orig.jpg

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 14/10/2016

      Some more information on its spread, operations, and code, by Incapsulate.

      ▻https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html

      One of the most interesting things revealed by the code was a hardcoded list of IPs Mirai bots are programmed to avoid when performing their IP scans.

      This list is interesting, as it offers a glimpse into the psyche of the code’s authors. On the one hand, it exposes concerns of drawing attention to their activities. A concern we find ironic, considering that this malware was eventually used in one of the most high-profile attacks to date.

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 15/10/2016

      US CERT Threat Alert : Heightened DDoS Threat Posed by Mirai and Other Botnets
      ▻https://www.us-cert.gov/ncas/alerts/TA16-288A

      schrödinger @erratic
    • @sandburg
      Sandburg @sandburg CC BY-SA 16/10/2016

      ▻http://www.defaultpassword.com/?action=dpl

      Sandburg @sandburg CC BY-SA
    • @erratic
      schrödinger @erratic 30/10/2016

      ▻http://www.securityweek.com/whats-fix-iot-ddos-attacks

      HTTP GET floods were already pernicious. For years, attackers have been able to disable web sites by sending a flood of HTTP requests for large objects or slow database queries. Typically, these requests flow right through a standard firewall because hey, they look just like normal HTTP requests to most devices with hardware packet processing. The Mirai attack code takes it a step further by fingerprinting cloud-based DDoS scrubbers and then working around some of their HTTP DDoS mitigation techniques (such as redirection).

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 19/11/2016

      Mirai botnet leverages #STOMP Protocol to power DDoS attacks.

      ▻http://securityaffairs.co/wordpress/53544/malware/mirai-botnet-stomp.html

      STOMP is a simple application layer, text-based protocol [an alternative to other open messaging protocols, such as AMQP (Advanced Message Queuing Protocol] that allows clients communicate with other message brokers. It implements a communication method among for applications developed using different programming languages.

      [...]

      Below the steps of the DDoS STOMP attack:

      • A botnet device uses STOMP to open an authenticated TCP handshake with a targeted application.
      • Once authenticated, junk data disguised as a STOMP TCP request is sent to the target.
      • The flood of fake STOMP requests leads to network saturation.
      • If the target is programmed to parse STOMP requests, the attack may also exhaust server resources. Even if the system drops the junk packets, resources are still used to determine if the message is corrupted.

      How Mirai Uses STOMP Protocol to Launch DDoS Attacks

      ▻https://www.incapsula.com/blog/mirai-stomp-protocol-ddos.html

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 29/11/2016

      Mirai botnet with 400.000 devices now for rent

      ▻http://www.ibtimes.co.uk/ddos-hire-service-now-advertising-renting-out-400000-bot-strong-mirai-bot

      A DDoS-for-hire service, run by two hackers going by the pseudonyms Popopret and BestBuy, is now reportedly advertising a Mirai botnet up for rent. The Mirai botnet allegedly comprises of over 400,000 infected bots and may have been sired from the original Mirai source code.

      [...]

      renting the botnet does not come cheap. Customers desiring to rent the botnet must do so for a minimum of two weeks. However, clients can determine the amount of bots, the attack duration and the DDoS cool down (a term which refers to the length of time between consecutive attacks).

      [...]

      Popapret and BestBuy’s Mirai botnet is a more evolved version of the original botnet. The two hackers have added new features, such as brute-force attacks via SSH and support for exploiting zero-day vulnerabilities. According to two security researchers, going by handle 2sec4u and MalwareTech on Twitter, some of the newly created Mirai botnets can now carry out DDoS attacks by spoofing IP addresses and may also be capable of bypassing DDoS mitigation systems.

      Source:
      ▻http://www.bleepingcomputer.com/news/security/you-can-now-rent-a-mirai-botnet-of-400-000-bots

      schrödinger @erratic
    • @erratic
      schrödinger @erratic 21/08/2017

      Understanding the Mirai Botnet

      ▻https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-antonakakis.pdf

      In this paper, we provide a seven-month retrospective analysis
      of Mirai’s growth to a peak of 600k infections and a history of its DDoS victims. By combining a variety of measurement perspectives, we analyse how the botnet emerged, what classes of devices were affected, and how Mirai variants evolved and competed for vulnerable hosts. Our measurements serve as a lens into the fragile ecosystem of IoT devices. We argue that Mirai may represent a sea change in the evolutionary development of bonnets—the simplicity through which devices were infected and its precipitous growth, demonstrate that novice malicious techniques can compromise enough low-end
      devices to threaten even some of the best-defended targets.
      To address this risk, we recommend technical and nontechnical
      interventions, as well as propose future research directions.

      #DDoS

      schrödinger @erratic
    Écrire un commentaire

  • @erratic
    schrödinger @erratic 28/04/2014

    Akamai’s State of the Internet Report Q4 2013

    ▻http://www.akamai.com/dl/akamai/akamai-soti-q413.pdf

    Compared to Q1 (▻http://seenthis.net/messages/160906):

    Average connection speed by EMEA country:
    – France moves from 37th to 35th position
    – Belgium from 17th to 11th position
    – Netherlands from 5th to 3rd position

    Also:
    High Broadband (>10Mbps) connectivity
    – Netherlands = 3rd, with 45% above 10Mbps
    – Belgium = 7th, with 35%
    – France = ...33rd with 12%

    #akamai
    #bandwidth

    • #Akamai
    • #Belgium
    • #France
    • #Netherlands
    • #broadband
    schrödinger @erratic
    Écrire un commentaire

  • @stephane
    Stéphane Bortzmeyer @stephane CC BY-SA 26/09/2012

    RFC 6707 : Content Distribution Network Interconnection (CDNI) Problem Statement

    Aujourd’hui, les #CDN sont partout. Ces serveurs munis de nombreux disques et disposés dans les réseaux des FAI, au plus près de l’abonné, afin de servir du contenu numérique le plus rapidement possible, sont derrière un grand nombre de sites Web (non, ce blog n’utilise pas de CDN) et derrière bien des fournisseurs de streaming. La plus connue des entreprises de CDN est #Akamai mais il en existe bien d’autres. Et c’est là que le problème commence : il n’existe aucun mécanisme d’interconnexion des CDN. Chacun utilise ses protocoles spécifiques et pas question de les faire travailler ensemble. L’#IETF a donc créé un groupe de travail, CDNI, chargé de réfléchir à l’interconnexion des CDN. Ce #RFC est le premier du groupe, et il essaie de définir le problème (les solutions viendront plus tard).

    Tiens, il n’est pas prévu de mettre #SeenThis derrière un CDN, pour que ça aille plus vite pour ses dizaines de millions de visiteurs ?

    ▻http://www.bortzmeyer.org/6707.html

    Stéphane Bortzmeyer @stephane CC BY-SA
    Écrire un commentaire

  • @nhoizey
    Nicolas Hoizey @nhoizey CC BY-NC-SA 8/02/2012

    February 08, 2012 - Akamai Acquires Blaze
    ▻http://www.akamai.com/html/about/press/releases/2012/press_020812.html

    #Akamai Technologies, Inc. (NASDAQ: AKAM) announced today that it has acquired #Blaze Software Inc., a provider of frontend optimization (#FEO) technology, in a cash transaction. The acquisition is expected to complement Akamai’s market-leading site acceleration solutions with technology designed to optimize the #speed at which a web page is rendered, regardless of end user device.

    #webperf

    Nicolas Hoizey @nhoizey CC BY-NC-SA
    Écrire un commentaire

  • @nhoizey
    Nicolas Hoizey @nhoizey CC BY-NC-SA 5/10/2010

    CDN Usage Statistics
    ▻http://trends.builtwith.com/cdn
    #CDN #statistique #Google_AJAX_Library #Akamai

    Nicolas Hoizey @nhoizey CC BY-NC-SA
    Écrire un commentaire

  • @nhoizey
    Nicolas Hoizey @nhoizey CC BY-NC-SA 29/06/2010

    Akamai%20Open%20Video%20Player
    ▻http://http%3A%2F%2Fwww.akamai.com%2FHTML5

    %22Open%20Video%20Player%20for%20HTML5%20provides%20a%20foundation%20to%20allow%20developers%20to%20quickly%20implement%20world-class%20solutions%20for%20cross%20platform/device/format%20video%20applications,%20providing%20a%20consistent,%20high-quality%20experience.%22

    #Akamai%20Open_Video_Player%20video%20HTML5%20dev%20web%20clevermarks

    Nicolas Hoizey @nhoizey CC BY-NC-SA
    Écrire un commentaire

Thèmes liés

  • company: akamai
  • #akamai
  • #cdn
  • #ddos
  • #dns
  • #mirai
  • technology: dns
  • technology: udp
  • #ietf
  • #seenthis
  • company: cdni
  • #blaze
  • #feo
  • #rfc
  • #speed
  • industryterm: site acceleration solutions
  • #google_ajax_library
  • #webperf
  • #statistique
  • industryterm: end user device
  • company: akamai technologies inc.
  • company: blaze software inc.
  • #dyn