Home / Companies / Cloudflare / Blog / June 2017

June 2017 Summaries

6 posts from Cloudflare

Filter
Month: Year:
Post Summaries Back to Blog
A recent unusual SSDP amplification attack was recorded by Cloudflare, crossing the symbolic threshold of 100 Gbps. The attack utilized 930k reflector servers across the globe and lasted for 38 minutes. The reflector IP distribution across ASNs followed the world's largest residential ISPs. SSDP protocol does not check whether the querying party is in the same network as the device, making it vulnerable to UDP amplification attacks with a misconfigured firewall. The real damage is done by the ssdp:all ST type, which can trigger multiple response packets. IP spoofing is the final step for the attack, and the most unprotected routers were from China, Russia, and Argentina. Cloudflare customers are protected from SSDP and other L3 amplification attacks due to their anycast infrastructure.
Jun 28, 2017 2,060 words in the original blog post.
Matthew Prince, co-founder of Cloudflare, shares the journey of his company from its inception six years ago with the aim to provide internet services as fast and secure as those offered by tech giants like Google, Facebook, and Microsoft. Today, Cloudflare runs one of the largest global networks with data centers in 115 cities worldwide. The company's core service delivers performance, security, availability, and insight to over six million users. Their goal has always been to democratize the internet, and they are taking another step towards this by launching the Cloudflare Apps Platform and the Cloudflare Developer Fund. Initially, they needed a collection of users for their service and finances to fund development. They found both in Project Honey Pot's Open Source community members who served as their initial alpha customers and investors like Venrock, Pelion Ventures, and NEA. The Cloudflare Apps Platform allows third parties to develop applications that can be delivered across Cloudflare's edge network to its millions of users. The Cloudflare Developer Fund is a $100 million venture capital fund for developers who create applications using the Cloudflare Apps Platform. This initiative aims to encourage developers to build impactful applications leveraging Cloudflare's global infrastructure and access to investors.
Jun 27, 2017 675 words in the original blog post.
Cloudflare has announced the next generation of its open platform, Cloudflare Apps, which allows website owners to select from a vast catalog of apps that can improve their websites and internet properties in various ways. The platform enables developers to build high-quality websites with ease by providing tools for modifying content and layout, communicating with external services, and improving overall website performance. With features like Live Preview, OAuth support, bidirectional webhooks, and the ability to sell apps, Cloudflare Apps aims to create a new kind of business for developers while making it easier for website owners to enhance their online presence.
Jun 27, 2017 801 words in the original blog post.
The article discusses the problem of patent trolls and how they exploit the patent system for monetary gain. It explains that bad patents are issued due to lack of information sharing between the patent applicant and examiner, leading to overly broad claims. To combat this issue, the author suggests using Inter Partes Review (IPR) and ex parte reexamination processes at the USPTO to challenge the validity of these patents. The article highlights the benefits of IPR, such as lower cost, faster resolution, and more favorable legal standards for patent challengers. It also mentions the potential threat posed by the Supreme Court's decision to hear Oil States vs. Greene's Energy Group case, which could invalidate the entire system of administrative review by the USPTO. The author emphasizes the importance of supporting efforts to improve the patent litigation process and encourages readers to contribute to finding prior art on Blackbird Tech patents.
Jun 23, 2017 2,529 words in the original blog post.
The Supreme Court ruled on June 19, 2017 that internet access is protected by the First Amendment, comparing it to access to a street or park for public gatherings. In the Packingham v. North Carolina case, the Court struck down a law making it a criminal offense for registered sex offenders to access certain social media sites. The majority opinion emphasized the importance of protecting access to the internet and cautioned against restrictions on internet speech. Justice Alito expressed concerns about the implications of the broad sweep of the majority opinion. This ruling reaffirms U.S. commitment to freedom of expression online.
Jun 21, 2017 900 words in the original blog post.
Cloudflare has implemented rate limiting at the edge of its network, which provides several advantages such as easier setup and operation, protection against excessive traffic or layer 7 attacks, offloading performance and memory cost to the edge, among others. The rate limiter works by counting requests per client IP address that match a defined rule, and once the counter exceeds a threshold, further requests are not allowed to reach the origin server. This is an effective protection against brute force attacks on login pages and other abusive traffic like L7 DoS attacks. To implement this rate limiter at the edge of its network, Cloudflare leveraged its existing infrastructure and utilized NGINX's Lua scripting module to create a Twemproxy cluster inside each PoP (Point of Presence). The leaky bucket algorithm was initially considered but later replaced with a sliding windows approach due to its simplicity, accuracy, and efficiency. The rate limiter is already being used by many customers to control the rate of requests that their origin servers receive. It has been handling several billion requests per day and recently mitigated attacks with as many as 400,000 requests per second to a single domain without degrading service for legitimate users.
Jun 07, 2017 1,764 words in the original blog post.