[47798] in North American Network Operators' Group
Re: Arbor Networks DoS defense product
daemon@ATHENA.MIT.EDU (Rubens Kuhl Jr.)
Wed May 15 01:56:06 2002
Message-ID: <148701c1fbd4$dcf05120$1302a8c0@default>
From: "Rubens Kuhl Jr." <rkuhljr@uol.com.br>
To: "Pete Kruckenberg" <pete@kruckenberg.com>, <nanog@merit.edu>
Date: Wed, 15 May 2002 02:53:39 -0300
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
| The attacks I have been able to detect represent around
| 10-15% of my traffic on an on-going basis.
|
| I'm curious about the business case for investing in DoS
| defense mechanisms. DoS traffic is boosting service provider
| revenues through increased customer bandwidth usage. So the
If and when
(a) customers don't get exemption for attack traffic
(b) the DoS traffic occurs more than 5% (or 1 - your percentile level) of
the month per customer circuit
(c) the DoS increases bytes transferred like large ICMP packet flood; this
is not the case for all DoS traffic, which can be a bunch of small packets
that actually decreases traffic
| investment in defense mechanisms like Arbor would have to
| replace or increase that revenue. Will these issues inhibit
| wide-spread implementation of DoS defenses?
I think a network that profits from client suffering doesn't keep its
contracts for much time.
Rubens Kuhl Jr.
