[133521] in North American Network Operators' Group
RE: Over a decade of DDOS--any progress yet?
daemon@ATHENA.MIT.EDU (Drew Weaver)
Fri Dec 10 15:34:50 2010
From: Drew Weaver <drew.weaver@thenap.com>
To: "'Dobbins, Roland'" <rdobbins@arbor.net>, North American Operators' Group
<nanog@nanog.org>
Date: Fri, 10 Dec 2010 15:33:46 -0500
In-Reply-To: <CE997A7E-16FF-455D-BA86-0DA705B7CBD8@arbor.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Nobody has really driven the point home that yes you can purchase a system =
from Arbor, RioRey, make your own mitigation system; what-have you, but you=
still have to pay for the transit to digest the attack, which is probably =
the main cost right now.
-Drew
-----Original Message-----
From: Dobbins, Roland [mailto:rdobbins@arbor.net]=20
Sent: Wednesday, December 08, 2010 11:54 AM
To: North American Operators' Group
Subject: Re: Over a decade of DDOS--any progress yet?
On Dec 8, 2010, at 11:47 PM, Jay Coley wrote:
> This has been our recent experience as well.=20
I see a link-filling attacks with some regularity; but again, what I'm sayi=
ng is simply that they aren't as prevalent as they used to be, because the =
attackers don't *need* to fill links in order to achieve their goals, in ma=
ny cases.
That being said, high-bandwidth DNS reflection/amplification attacks tip th=
e scales, every time.
> Lastly there is usually always someone at the other end of these attacks =
watching what is working and what is not
This is a very important point - determined attackers will observe and reac=
t in order to try and defeat successful countermeasures, so the defenders m=
ust watch for shifting attack vectors.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Sell your computer and buy a guitar.
