-1

Especially when talking about Google's Project Shield, people refer to an "internal anti-DDoS infrastructure". I could not find any more detailed information on such thing, and if it spans all the services that Google provides to the user, including Google Apps. If it does, how does it work from the user perspective (do I get nullrouted or not)?

Lorenzo Pistone
  • 109
  • 5

1 Answers1

0

Google Apps is protected against DDoS by the simple fact that Google has bigger pipes than any reasonably expected adversary.

Project Shield appears to be a product offering like CloudFlare and would have nothing to do with keeping Google Apps running beyond the fact that the same "we have more bandwidth and servers than any attacker" protection applies.

ceejayoz
  • 32,910
  • 7
  • 82
  • 106
  • Of course Google itself wouldn't go down in case of a DDoS. I wonder if they have some active Layer-4 filtering (e.g., UDP floods). – Lorenzo Pistone Jan 12 '15 at 19:08
  • @LorenzoPistone Almost certainly, but details of such items wouldn't generally be public. – ceejayoz Jan 12 '15 at 19:11
  • @LorenzoPistone A flood of packets using a protocol not supported by the receiver is the easiest kind of flood to protect against. Does Google host any UDP based services other than DNS? If not, then a flood of UDP packets would not be a very effective attack. – kasperd Jan 12 '15 at 19:17
  • Any sufficiently large target like Google are frequently attacked by an elaborate array of DDoS attacks, some of which happen constantly. These elaborate attacks require elaborate monitoring and defenses. Google's reputation is harmed every time there is a successful attack, and thus they dedicate quite a few resources to their monitoring and defense. The specific tools are generally kept secret, and are changing frequently. Look for some of the videos given by the technical managers of the Google Site Reliability teams, Secops and Netops teams. – Stefan Lasiewski Jan 12 '15 at 21:46
  • @kasperd I now realized that I should have asked about Google Cloud instances, not Apps. Those I believe can do tcp, udp, icmp, and maybe others. – Lorenzo Pistone Jan 12 '15 at 21:58