I've always wondered how Google would deal with a client on GCP being DDoSed. Mainly as we're in online advertising and DDoS extortion isn't uncommon.<p>Guess with this I'll now find out, as crapping on Krebs' site is practically a rite of passage when you've got a botnet now.
I've always wondered just how much a network run by someone like Google or Facebook or one of the other absolute top tier providers like AWS or Azure might be able to 'handle' in terms of dealing with DDoS attacks.<p>Presumably these giants can easily handle such traffic as long as someone is willing to pay for the privilege? 665 Gbps seems tiny in comparison to the capacity someone like Google might have at its disposal, but I'm speculating as I haven't seen anything detailing their network stats.<p>To give something of a concluding statement to this waffle, I guess I have respect for Google in running this public service type protection for sites that have a strong enough 'public good' element.
If the 665 Gbps botnet was indeed powered by mainly IoT devices, then this is only the very beginning. We're about to see multi-Tbps botnets soon, all because most IoT companies could care less about security, and because most of them want to connect every IoT device to the Internet <i>by default</i> (rather than through a gateway, which at least could limit infections).
Now that he has quickly found another safe harbor, this attack may well have a sort of Streisand effect and give Brian Krebs more prominence than he already had. Would be nice to see something good come out of this and maybe even cause future attacks to be seen as counterproductive by potential perpetrators.
The solution I'd like to see:<p>1) Put the site behind CloudFlare.<p>2) Wait for an attack...<p>3) Force all users to go through a captcha before accessing the site.<p>Note: The captcha setting can be enabled with 3 clicks in the CloudFlare UI and it takes 2-5 minutes to propagate. (Yes, I speak from experience)
How would that solve anything? He would have to pay crazy Google CDN fees now:<p><a href="https://cloud.google.com/cdn/pricing" rel="nofollow">https://cloud.google.com/cdn/pricing</a><p>At 650 Gbps (81.25 GB/s) he's looking at $1.625/sec ($5850/hr) in cache egress fees alone.<p>I would go CloudFlare, which is flat rate.
Unfortunately I can't get to the new site (without changing my DNS servers) because Verizon is resolving krebsonsecurity.com to loopback. Presumably doing it for (poor) DDoS mitigation, but this sort of censorship is ridiculous.<p><pre><code> $ nslookup krebsonsecurity.com 71.242.0.12
Server: 71.242.0.12
Address: 71.242.0.12#53
Non-authoritative answer:
Name: krebsonsecurity.com
Address: 127.0.0.1
</code></pre>
EDIT: I see downthread that this is a DNS propagation issue. Never mind.