24
Jul
2014
Dr. Crawlit - A Bot That Cares About the ‘Little Guy’

In the first post of this two-part series, we shared our insights into Googlebot’s activity and behavior patterns.

However, no overview of Googlebot activity would be complete without a mention of Googlebot imposters, who assume Googlebot’s identity to gain privileged access to websites and online information.

Every day millions of these “evil twins” are used for DDoS attacks, hacking, spam, content theft and many other shady activities. The details of these malicious escapades, that paint the event logs of Incapsula’s security services, are what we share with you here today.

Read more »

24
Jul
2014
Dr. Crawlit - A Bot That Cares About the ‘Little Guy’

Working at Incapsula gives us a bird’s-eye view of the bot traffic landscape. Amongst the innumerable creatures roaming those fields, few are as intriguing as Googlebot – a web crawler that facilitates knowledge exchange between billions of humans, influencing our perceptions, preferences and imaginations in more ways than we can even comprehend.

Over the years, many efforts have been made to better understand Google’s behavior and motives. Today, we want to share with you some of our insights into Googlebot’s behavior, based on what we think is one of the most robust studies on the subject to date.

Read more »

01
Jul
2014
New Data Center Goes Live in Atlanta Georgia

We are happy to announce the activation of a new Point of Presence (PoP) in Atlanta, Georgia - our 5th new data center to go live in 2014.

Located in the Equinix AT2 facility, our new PoP augments Incapsula’s presence in Southeast USA by further improving connectivity in one of our highest demand areas.

Atlanta's multi 10Gig data center also contributes to Incapsula's overall resilience against volumetric DDoS attacks. With it, Incapsula's total network capacity now reaches 710+ Gbps - more than enough to handle even the largest volumetric DDoS threats.

Read more »

17
Jun
2014
New Data Center Goes Live in Auckland, New Zealand

A few days ago we activated our newest data center, located in Vocus Communications’ facility in Auckland, New Zealand.

This new location enables us to comply with New Zealand’s national data privacy regulations. With it, we are now able to meet the needs of local website operators who expressed their interest in Incapsula’s security and acceleration services, on the condition that the inbound traffic is routed through a local Point of Presence (POP).

Read more »


05
Jun
2014
OpenSSL Man in the Middle (MITM) Flaw Fixed

Yesterday OpenSSL released a fix for seven security vulnerabilities, including a serious flaw (CVE-2014-0224) that enables man-in-the-middle (MITM) attacks, potentially allowing the attacker to decrypt and modify traffic from the attacked client and server.

We immediately responded with a network wide update, protecting our servers and all of our clients from these security issues.

It should go without saying that we advise all OpenSSL users to apply the patch as soon as possible.

Read more »

28
May
2014
Complete Infrastructure Protection with DNS DDoS Mitigation and GRE Tunneling

Today we are announcing two major upgrades to Incapsula’s security services, which significantly extend the range of Incapsula’s award winning anti-DDoS solutions.

The first of these is a DNS Protection service. As the name suggests, this solution safeguards our clients’ DNS servers, while also accelerating DNS responses.

The second is our Infrastructure Protection service, enabled by the addition of a GRE tunneling onboarding option.

This new service allows us to widen Incapsula's security perimeter to a point where Incapsula can be used to protect entire subnets, secure all network elements and inspect all TCP/UDP communication.

The underlying technology powering these new services is our custom-built scrubbing hardware (codenamed “Behemoth”). Each of these appliances can process 170Gbps worth of traffic, performing deep packet inspection, filtering, tunneling, and routing.

Read more »

12
May
2014
DNS Flood of 1.5 Billion Requests a Minute, Fueled by DDoS Protection Services

Several days ago one of our clients became the target of a massive DNS DDoS attack, peaking at approximately 25Mpps (Million packets per second). The attack fit the description of other recently reported DNS floods, like the one that brought down UltraDNS earlier this month.

Interestingly enough, the DNS queries contained non-spoofed IP data that allowed us to uncover the attacker’s true points of origin.

When we did, we were surprised to learn that the malicious requests were originating from servers of two other anti-DDoS service providers – one based in Canada, the other in China.

All told, these were hitting our network at a rate of 1.5 Billion DNS queries a minute, amounting to over 630 Billion requests during the course of the 7 hour-long DDoS attack...

Read more »

03
Apr
2014
Ransom DDoS: Criminal Masterminds or Kids with Nukes?

In the past few weeks we witness a wave of DDoS attack that were targeting several prominent online companies; MeetUp, Elance, oDesk and BaseCamp, to name a few. The common theme for these events was the attackers’ motivations. In all these cases offenders were trying to blackmail the websites’ owners, asking for ransom of 300-400 USD to prevent the attack.

Who would go through the risk of DDoSing a service for 300 or 400 USD? Are they criminal masterminds trying to lay down some long-term extortion schemes or are they just non-professional opportunists, trying to make a quick buck?

Read more »

30
Mar
2014
 Join Us at WHD.global 2014

This week we are attending WHD.global 2014; one of world’s most important gathering of the international hosting industry.

The conference will be taking place on April 1-3, at Europa-Park in Rust, Germany. We will be waiting for you at booth F15.

On the first day of the conference Eldad Chai, Incapsula’s VP of Product Management, will be holding a session about the challenges posed by latest network and application layer DDoS threats.

Read more »