[47806] in North American Network Operators' Group
Re: Arbor Networks DoS defense product
daemon@ATHENA.MIT.EDU (Pete Kruckenberg)
Wed May 15 13:56:43 2002
Date: Wed, 15 May 2002 11:56:07 -0600 (MDT)
From: Pete Kruckenberg <pete@kruckenberg.com>
To: <nanog@merit.edu>
In-Reply-To: <20020515131051.GF375@overlord.e-gerbil.net>
Message-ID: <Pine.LNX.4.33.0205151104070.15659-100000@minot.kruckenberg.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 15 May 2002, Richard A Steenbergen wrote:
> It all depends on the networks involved. I'd venture to
> say that most people not associated with university
> networks see significantly less DoS, more like 1% of
> overall traffic for service providers and probably
> closer to 0% for end users who aren't IRCing.
Some presentations made at recent NANOGs discussed the
continuous noise generated by DDoS attacks, though I can't
find any numbers showing how much bandwidth the noise uses.
With the number of always-on broadband residential and
small-business customers, are education networks still the
(only) haven of hackers they used to be? Even enterprises
seem to be pretty active DDoS participants; there were/are a
lot of corporations generating CodeRed probes, and a
surprising number of residential machines.
Are there any service providers running IDS/NIDS on their
backbones and monitoring for DDoS attacks, to provide some
impirical data on the scope of DDoS traffic?
Pete.
