[30631] in North American Network Operators' Group
RE: DDOS attacks lately?
daemon@ATHENA.MIT.EDU (Rubens Kuhl Jr.)
Mon Aug 21 08:45:35 2000
From: "Rubens Kuhl Jr." <rkuhljr@uol.com.br>
To: "John O Comeau" <jcomeau@world.std.com>
Cc: "NANOG" <nanog@merit.edu>
Date: Mon, 21 Aug 2000 09:44:47 -0300
Message-ID: <NEBBICGHLKIPJFEGBLBGCEGMCIAA.rkuhljr@uol.com.br>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
In-Reply-To: <Pine.SGI.3.95.1000819194335.16369A-100000@world.std.com>
Errors-To: owner-nanog-outgoing@merit.edu
> It's looking like the only way to improve is to buy bigger connections;
> but in light of the Yahoo attack (800Mbps was the last word I guess?) how
> big is big enough? How many OC48 connections can _your_ data center
> afford?
In dealing with DDoS attacks, it is good do remember that altough channel
capacity is a number of bits per second, router capacity is packets per
second and server performance is requests per second. Very powerful DDoS
streams containing thousands of small packets per second from random spoofed
sources can put many routers, firewalls and servers down with no more than a
DS3 of bandwidth.
Rubens Kuhl Jr.
