Sign in / up

back to article 2024 according to Cloudflare: Global traffic up, Google still king, US churning out bots

Cloudflare says that global internet traffic grew by 17.2 percent this year, with Google still the most visited internet service, while the US was the source of over a third of global bot traffic (again). The content delivery network posts an annual review of the trends it has observed from traffic it has handled during the …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. loops

    "The company also reveals that a fifth of all TCP connections (20.7 percent) are unexpectedly terminated before any useful data can be exchanged. Causes of this could vary from DoS attacks, quirky client behavior, or a network interrupting a connection to filter content

    Cloudflare says about half of these incidents were connections closed "Post SYN" – after its server has received a client's SYN packet, but before a subsequent acknowledgement (ACK) or any useful data".

    Presumably this is a SYN/ACK flood on a third party (not Cloudflare).

    You send a single SYN packet with a spoofed IP, and the receiving service replies with an SYN-ACK, when it doesn't receive an ACK in response from the target IP it sends out several more SYN-ACKs before eventually giving up.

    On it's own, this does nothing, but if you do this to thousands of high bandwidth hosts, reflecting the SYN-ACK packets to your target, you perform a fairly simple DDOS amplification attack.

    These have been common since at least the early 90s (and ironically, is one of the things Cloudflare is designed to protect against).

    1 1 Reply
  2. Anonymous Coward
    Anonymous Coward

    Cloudflare bless 'em, didn't protect me and my website when they gave my origin IP address to some bloke who objected to the perfectly legal content. Filed a support ticket to find out exactly who authorised it, still open after weeks with no answer.

    5 1 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      If you're within the EU/UK.. file a subject access request. They're legally obliged to respond.

      7 0 Reply
    2. Doctor Syntax Silver badge
      Reply Icon

      They do seem to successfully protect cylex-uk from being visited by me. On account of either my browser or some of the add-ons such as noscript or adblock it decides that following a link from a search engine is an attack. Great way to attract site traffic.

      4 0 Reply
    3. IGotOut Silver badge
      Reply Icon

      And bless them, if you didn't use Cloudflare or similar that origin would there for everyone to see anyway.

      As I don't know the content, what may be legal in your location, may be illegal somewhere else.

      0 0 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        Not sure what your point is. I do use Cloudflare and it was to hide my origin IP. It should not just have been handed out. The content is perfectly legal in the country it is aimed at.

        0 0 Reply
        1. Anonymous Coward
          Reply Icon
          Anonymous Coward

          Firewall, firewall, firewall

          We use Cloudflare as well, but there are a number of ways to find the server’s actual IP. We setup a firewall that will only allow traffic from Cloudflare’s IP pool and our own company IP addresses and it has been very effective in preventing Syn-flooding, etc. FWIW.

          0 0 Reply
          1. harrys Bronze badge
            Reply Icon

            Re: Firewall, firewall, firewall

            very nice ..... simple solution is the best :)

            https://www.cloudflare.com/en-gb/ips/

            this will become a mandatory ip alais list on all the pfsense firewalls i manage from now on

            0 0 Reply
  3. Jellied Eel Silver badge

    Pesky bots are everywhere, even infesting El Reg

    The trouble with bots is any idiot can create one, and they often do*. Whether that's 'analytics', scraping content, performing DoS attacks, or just rendering analytics & social-credit type apps essentially useless. Plus they end up consuming an awful lot of bandwidth that the bot creators don't pay for, and I guess for large sites, consuming resources on proxies, firewalls and servers in general.

    Potential solutions like good'ol robots.txt don't work, so perhaps it's time for regulators (and moderators) to step in, and do something about the abuse of systems, and the waste of resources.

    (I predict that in <15mins, I'll have another demonstration of this.)

    1 2 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like