[133314] in North American Network Operators' Group
Re: Over a decade of DDOS--any progress yet?
daemon@ATHENA.MIT.EDU (Jeffrey Lyon)
Wed Dec 8 11:41:36 2010
In-Reply-To: <4CFFB483.8010304@brightok.net>
Date: Wed, 8 Dec 2010 11:41:31 -0500
From: Jeffrey Lyon <jeffrey.lyon@blacklotus.net>
To: Jack Bates <jbates@brightok.net>
Cc: North American Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
< 1 Gbps attacks used to be standard issue but as of the past 90 days
we have been seeing 2 - 8 Gbps a lot more frequently.
Jeff
On Wed, Dec 8, 2010 at 11:38 AM, Jack Bates <jbates@brightok.net> wrote:
> On 12/8/2010 10:28 AM, Dobbins, Roland wrote:
>>
>> Application-layer attacks aside, most packet-flooding attacks these
>> days don't completely fill links, as there's no need for the attacker
>> to do so.
>>
>
> I think the difference here is scale. packet-flooding attacks often do
> fill links; if the links drop to 155mb/s or below. I've seen some gig+ DOS,
> but that is less common. The DOS I posted a flow capture link for wasn't
> that large, but enough to flood out the little DS3 going to the small town
> where the target DSL customers was.
>
>
> Jack
>
>
>
>
--
Jeffrey Lyon, Leadership Team
jeffrey.lyon@blacklotus.net | http://www.blacklotus.net
Black Lotus Communications - AS32421
First and Leading in DDoS Protection Solutions
