Key Internet registry weathers serious DDoS assault

RIPE for the plucking

Internet registry RIPE (Réseaux IP Européens) yesterday reported its services were back to normal, after it became the victim of a serious DDoS at the end of last month.

All but a tenth of traffic sent to RIPE failed to reach the registry during the two and a half hour duration of the attack on February 27. The distributed ICMP (Internet Control Message Protocol) echo attack left RIPE's DNS, Whois and FTP services unavailable during the duration of the attack, between 14:00 and 16:30 GMT on February 27. RIPE's Web site was also affected.

All these services are now back to normal.

In a statement RIPE's Network Coordination Centre (NCC) explains "the attack caused various congestion related problems for the RIPE NCC's network to the extent that our BGP [Border Gateway Protocol, an important routing protocol] sessions were affected, and non-ICMP traffic was being randomly dropped."

"The attack was successfully mitigated with cooperation of our peer networks at AMS-IX," it adds.

RIPE reports that packet loss during the peak of the attack was 90 per cent or more. The motive and perpetrator(s) of that attack are currently unknown.

The RIPE NCC is one of four regional Internet Registries that exist in the world, providing allocation and registration services that support the operation of the Internet globally. ®

External Links

Effects of the DDoS Attack on the RIPE NCC (statement)
Description of ICMP Echo (AKA Smurf) attacks

Sponsored: How to determine if cloud backup is right for your servers