recentpopularlog in

kme : ddos   5

A 1.3-Tbs DDoS Hit GitHub, the Largest Yet Recorded | WIRED | https://www.wired.com/
The web monitoring and network intelligence firm ThousandEyes observed the GitHub attack on Wednesday. "This was a successful mitigation. Everything transpired in 15 to 20 minutes," says Alex Henthorne-Iwane, vice president of product marketing at ThousandEyes. "If you look at the stats you’ll find that globally speaking DDoS attack detection alone generally takes about an hour plus, which usually means there’s a human involved looking and kind of scratching their head. When it all happens within 20 minutes you know that this is driven primarily by software. It’s nice to see a picture of success."
github  ddos  internet  memcached  security  ops  winning 
march 2018 by kme
More Than 162,000 WordPress Sites Used for Distributed Denial of Service Attack | Sucuri Blog
See also: https://www.trustwave.com/Resources/SpiderLabs-Blog/WordPress-XML-RPC-PingBack-Vulnerability-Analysis/

Except those assholes don't give you copy-pasteable code. It's an image. These assholes let their CMS put smartquotes in the code, but at least it's a start.
add_filter( 'xmlrpc_methods', function( $methods ) {
unset( $methods['pingback.ping'] );
return $methods;
} );


Here's a POST that will check to see if the "patch" worked:
<?xml version="1.0"
encoding="iso-8859-1"?><methodCall><methodName>pingback.ping</methodName><params ><param><value><string>http://127.0.0.1</string></value></param><param><value><string></string></value></param></params></methodCall>
wordpress  security  webmaster  ddos  xmlrpc  pingback 
march 2015 by kme

Copy this bookmark:





to read