[180113] in North American Network Operators' Group
Re: [SECURITY] Application layer attacks/DDoS attacks
daemon@ATHENA.MIT.EDU (Ramy Hashish)
Sat May 23 17:33:46 2015
X-Original-To: nanog@nanog.org
In-Reply-To: <CAOLsBOvyYZ8XQL7w9CFt=tBgKAPjegnFes6snETAa=NJipWTtA@mail.gmail.com>
Date: Sat, 23 May 2015 23:33:42 +0200
From: Ramy Hashish <ramy.ihashish@gmail.com>
To: Harlan Stenn <stenn@ntp.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
Yes Harlan, you are absolutely right, even if this won't stop the
botnet-based DDoS attacks, but at least will significantly decrease the
volume/frequency of the volume based attacks.
On the other side, the DDoS protection now become a business where
all-tiers ISPs make money of, and those ISPs is the exact place where the
implementation of anti-spoofing make the best sense, conflict of interests
now...
However, the trusted network initiative might be a good approach to start
influencing operators to apply anti-spoofing mechanisms.
Salam,
Ramy
On 23 May 2015 10:48 pm, "Harlan Stenn" <stenn@ntp.org> wrote:
Just to ask, what is the expected effect on DDoS attacks if folks
implemented BCP38?
How does the cost of implementing BCP38 compare to the cost of other
solution attempts?
H
