[133527] in North American Network Operators' Group
Re: Over a decade of DDOS--any progress yet?
daemon@ATHENA.MIT.EDU (Joel Jaeggli)
Fri Dec 10 17:52:03 2010
Date: Fri, 10 Dec 2010 14:51:48 -0800
From: Joel Jaeggli <joelja@bogus.com>
To: Drew Weaver <drew.weaver@thenap.com>
In-Reply-To: <F3318834F1F89D46857972DD4B411D70019C4767B9@EXCHANGE.thenap.com>
Cc: North American Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 12/10/10 12:33 PM, Drew Weaver wrote:
> Nobody has really driven the point home that yes you can purchase a
> system from Arbor, RioRey, make your own mitigation system; what-have
> you, but you still have to pay for the transit to digest the attack,
> which is probably the main cost right now.
or you outsource it and it's still costlier.
Paying for DOS mitigation you rarely if ever use is quite expensive. If
you use it a lot it's even more expensive, but can at least be
rationalized on the basis of known costs e.g. npv calculation on the
number and duration of outages...
> -Drew
>
>
> -----Original Message----- From: Dobbins, Roland
> [mailto:rdobbins@arbor.net] Sent: Wednesday, December 08, 2010 11:54
> AM To: North American Operators' Group Subject: Re: Over a decade of
> DDOS--any progress yet?
>
>
> On Dec 8, 2010, at 11:47 PM, Jay Coley wrote:
>
>> This has been our recent experience as well.
>
> I see a link-filling attacks with some regularity; but again, what
> I'm saying is simply that they aren't as prevalent as they used to
> be, because the attackers don't *need* to fill links in order to
> achieve their goals, in many cases.
>
> That being said, high-bandwidth DNS reflection/amplification attacks
> tip the scales, every time.
>
>> Lastly there is usually always someone at the other end of these
>> attacks watching what is working and what is not
>
>
> This is a very important point - determined attackers will observe
> and react in order to try and defeat successful countermeasures, so
> the defenders must watch for shifting attack vectors.
>
> -----------------------------------------------------------------------
>
>
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
>
> Sell your computer and buy a guitar.
>
>
>
>
>
>
>
