[133306] in North American Network Operators' Group
RE: Over a decade of DDOS--any progress yet?
daemon@ATHENA.MIT.EDU (Drew Weaver)
Wed Dec 8 11:18:03 2010
From: Drew Weaver <drew.weaver@thenap.com>
To: "'Dobbins, Roland'" <rdobbins@arbor.net>, North American Operators' Group
<nanog@nanog.org>
Date: Wed, 8 Dec 2010 11:14:52 -0500
In-Reply-To: <63CF5704-B49D-43D5-BC8E-F76336CD0005@arbor.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
I would say that > 99% of the attacks that we see are 'link fillers' with <=
1% being an application attack.
thanks,
-Drew
-----Original Message-----
From: Dobbins, Roland [mailto:rdobbins@arbor.net]=20
Sent: Wednesday, December 08, 2010 10:41 AM
To: North American Operators' Group
Subject: Re: Over a decade of DDOS--any progress yet?
On Dec 8, 2010, at 10:36 PM, Thomas Mangin wrote:
> If you are a smaller network, you need the filtering to be performed by y=
our transit provider, as your uplink will otherwise be congested.
Actually, most DDoS attacks aren't link-flooding attacks - this hasn't been=
true for the last ~7 years or so.
I'm not saying it doesn't happen, because it does, and sometimes quite spec=
tacularly - but in most cases, the attackers don't have to flood the link t=
o achieve their desired goal.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Sell your computer and buy a guitar.
