nanog mailing list archives
Re: WANTED: ISPs with DDoS defense solutions
From: Rob Thomas <robt () cymru com>
Date: Wed, 30 Jul 2003 19:40:01 -0500 (CDT)
Hi, NANOGers. Ooooo, you just knew I'd have to chime in eventually. :) ] 1) The OS/software/default settings for a lot of internet connected ] machines are weak, making it easy to attack from multiple locations. Yep, quite true. Vulnerable hosts are a commodity, not a scarce resource. There are 728958 entries in my hacked device database since 01 JAN 2003 that attest to this fact. ] 2) A lot of networks have no customer or egress filtering and make it a ] lot more difficult to trace DDoS traffic because it generally uses faked ] source addresses. I've tracked 1787 DDoS attacks since 01 JAN 2003. Of that number, only 32 used spoofed sources. I rarely see spoofed attacks now. When a miscreant has 140415 bots (the largest botnet I've seen this year), spoofing the source really isn't a requirement. :| Filtering the bogons does help, and everyone should perform anti-spoofing in the appropriate places. It isn't, however, a silver bullet. Thanks, Rob. -- Rob Thomas http://www.cymru.com ASSERT(coffee != empty);
Current thread:
- Re: WANTED: ISPs with DDoS defense solutions, (continued)
- Re: WANTED: ISPs with DDoS defense solutions Jared Mauch (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions Mike Tancsa (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions Jared Mauch (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions Mike Tancsa (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions variable (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions Christopher L. Morrow (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions Mike Tancsa (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions Rob Thomas (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions Christopher L. Morrow (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions variable () ednet co uk (Jul 31)
- Re: WANTED: ISPs with DDoS defense solutions Mike Tancsa (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions Rob Thomas (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions Paul Vixie (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions Henry Linneweh (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions Randy Bush (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions Jared Mauch (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions variable (Jul 31)
- Re: WANTED: ISPs with DDoS defense solutions Petri Helenius (Jul 31)
- Re: WANTED: ISPs with DDoS defense solutions Stephen J. Wilcox (Jul 31)
- Re: WANTED: ISPs with DDoS defense solutions Rob Thomas (Jul 31)
- Re: WANTED: ISPs with DDoS defense solutions Petri Helenius (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions Paul Vixie (Jul 30)
- Re: WANTED: ISPs with DDoS defense solutions Petri Helenius (Jul 30)