[133319] in North American Network Operators' Group
Re: Over a decade of DDOS--any progress yet?
daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Wed Dec 8 11:57:10 2010
From: "Dobbins, Roland" <rdobbins@arbor.net>
To: North American Operators' Group <nanog@nanog.org>
Date: Wed, 8 Dec 2010 16:53:34 +0000
In-Reply-To: <4CFFB68D.4080405@prolexic.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Dec 8, 2010, at 11:47 PM, Jay Coley wrote:
> This has been our recent experience as well.=20
I see a link-filling attacks with some regularity; but again, what I'm sayi=
ng is simply that they aren't as prevalent as they used to be, because the =
attackers don't *need* to fill links in order to achieve their goals, in ma=
ny cases.
That being said, high-bandwidth DNS reflection/amplification attacks tip th=
e scales, every time.
> Lastly there is usually always someone at the other end of these attacks =
watching what is working and what is not
This is a very important point - determined attackers will observe and reac=
t in order to try and defeat successful countermeasures, so the defenders m=
ust watch for shifting attack vectors.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Sell your computer and buy a guitar.
