[133313] in North American Network Operators' Group
Re: Over a decade of DDOS--any progress yet?
daemon@ATHENA.MIT.EDU (Jack Bates)
Wed Dec 8 11:38:30 2010
Date: Wed, 08 Dec 2010 10:38:27 -0600
From: Jack Bates <jbates@brightok.net>
To: "North American Operators' Group" <nanog@nanog.org>
In-Reply-To: <DA8B43E8-C352-4C11-B881-A639D22BB56A@arbor.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 12/8/2010 10:28 AM, Dobbins, Roland wrote:
>
> Application-layer attacks aside, most packet-flooding attacks these
> days don't completely fill links, as there's no need for the attacker
> to do so.
>
I think the difference here is scale. packet-flooding attacks often do
fill links; if the links drop to 155mb/s or below. I've seen some gig+
DOS, but that is less common. The DOS I posted a flow capture link for
wasn't that large, but enough to flood out the little DS3 going to the
small town where the target DSL customers was.
Jack
