[60292] in North American Network Operators' Group
Re: WANTED: ISPs with DDoS defense solutions
daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Tue Aug 5 17:19:57 2003
Date: Tue, 5 Aug 2003 21:17:52 +0000 (GMT)
From: "Christopher L. Morrow" <chris@UU.NET>
To: Mike Tancsa <mike@sentex.net>
Cc: Vadim Antonov <avg@kotovnik.com>, nanog@merit.edu
In-Reply-To: <5.2.0.9.0.20030805151215.091e2c88@209.112.4.2>
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 5 Aug 2003, Mike Tancsa wrote:
>
> At 07:02 PM 05/08/2003 +0000, Christopher L. Morrow wrote:
> >so long as you are sure they aren't spoofed, yes.
>
> A recent post by Rob Thomas said, "I've tracked 1787 DDoS attacks since 01
> JAN 2003. Of that number, only 32 used spoofed sources. I rarely see
> spoofed attacks now."
>
> Thats about 1%. Of the few attacked directed at us and originating from
> our customers, that generally jives. What number are you seeing ?
More and more there is less and less spoofing, its just not required and
it causes more damage with less effort :( Why spoof when you have 1000
machines pumping 1 packet per second? (or 10)
