[133545] in North American Network Operators' Group
Re: Over a decade of DDOS--any progress yet?
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Sun Dec 12 00:05:21 2010
In-Reply-To: <4D02AF04.1040608@bogus.com>
Date: Sun, 12 Dec 2010 00:05:11 -0500
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Joel Jaeggli <joelja@bogus.com>
Cc: North American Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Fri, Dec 10, 2010 at 5:51 PM, Joel Jaeggli <joelja@bogus.com> wrote:
> On 12/10/10 12:33 PM, Drew Weaver wrote:
>> Nobody has really driven the point home that yes you can purchase a
>> system from Arbor, RioRey, make your own mitigation system; what-have
>> you, but you still have to pay for the transit to digest the attack,
>> which is probably the main cost right now.
>
> or you outsource it and it's still costlier.
>
> Paying for DOS mitigation you rarely if ever use is quite expensive. If
> you use it a lot it's even more expensive, but can at least be
> rationalized on the basis of known costs e.g. npv calculation on the
> number and duration of outages...
>
verizon's ddos service was/is 3250/month flat... not extra if there
was some sort of incident, and completely self-service for the
customer(s). Is 3250/month a reasonable insurance against loss?
(40k/yr or there abouts)
-chris
>> -Drew
>>
>>
>> -----Original Message----- From: Dobbins, Roland
>> [mailto:rdobbins@arbor.net] Sent: Wednesday, December 08, 2010 11:54
>> AM To: North American Operators' Group Subject: Re: Over a decade of
>> DDOS--any progress yet?
>>
>>
>> On Dec 8, 2010, at 11:47 PM, Jay Coley wrote:
>>
>>> This has been our recent experience as well.
>>
>> I see a link-filling attacks with some regularity; but again, what
>> I'm saying is simply that they aren't as prevalent as they used to
>> be, because the attackers don't *need* to fill links in order to
>> achieve their goals, in many cases.
>>
>> That being said, high-bandwidth DNS reflection/amplification attacks
>> tip the scales, every time.
>>
>>> Lastly there is usually always someone at the other end of these
>>> attacks watching what is working and what is not
>>
>>
>> This is a very important point - determined attackers will observe
>> and react in order to try and defeat successful countermeasures, so
>> the defenders must watch for shifting attack vectors.
>>
>> -----------------------------------------------------------------------
>>
>>
> Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
>>
>> Sell your computer and buy a guitar.
>>
>>
>>
>>
>>
>>
>>
>
>
>
