Distributed Denial of Service (DDoS) has always been a major threat to organisations’ networks. DDoS attacks are cheap and easy to carry out but defending against these kind of attacks can cost 100 to 1000 times more than the cost of launching an attack. Before I stopped hosting Team Fortress 2 game servers, my IPv4 address has always been under constant DDoS. Every few days, I would receive billion of packets per second floods, bringing down my Internet for a few hours. It was such an annoyance to both my ISP and I; the attacker won and I stopped hosting the Team Fortress 2 game servers.
However, attacks has always been constrained to IPv4 as implementation of IPv6 was lacking globally. When IPv4 addresses started becoming dry a few years back, lots of ISPs started implementing CGNAT but most of them still didn’t bother with implementing IPv6.
As time passes by, and NICs of different regions become drier in IPv4 addresses, ISPs worldwide started to become aware of IPv4 exhaustion. Then, they slowly and finally moved their ass to implementing IPv6 addresses. It’s not super difficult to do it, they’re just lazy. Okay granted, maybe it is difficult for such a large scale process to happen quickly in bureaucratic ISPs but seriously, if your company did not see the shortage of IPv4 addresses becoming real 5 years ago, I’ve got real bad news for ya.
In 2014 and 2015, my friend kcaj, has already suffered from 2 IPv6 DDoS attacks. These attacks were originating from trolls in the Efnet #troll channel. Folks from there seem to love to DDoS each other for “fun”, very childish anti social behaviour. Attacks originating from this channel is strong enough to take down OVH DDoS protected boxes and heck, even Voxility boxes. These script kiddies’ parents sure are rich enough to fund their kids with booter credits to wreck havoc on the Internet. I frown upon such action and desperately urge everyone not to carry out these attacks just for the sake of “fun”. Sure, it might sound “fun” but wait until you get hit by these attacks or worse still, get arrested for such actions.
So as you can see, DDoS using IPv6 network is now a threat. DDoS protection providers should start offering protection that covers these kind of attacks. Just a thought and question for you, is your company prepared to face against IPv6 DDoS attacks? If so, which DDoS protection provider are you using?