nanog mailing list archives

Over a decade of DDOS--any progress yet?

From: Sean Donelan <sean () donelan com>
Date: Mon, 6 Dec 2010 02:50:18 -0500 (EST)

February 2000 weren't the first DDOS attacks, but the attacks on multiplewell-known sites did raise DDOS' visibility.

What progress has been made during the last decade at stopping DDOSattacks?

SMURF attacks creating a DDOS from directed broadcast replies seems tohave been mostly mitigated by changing defaults in major router OS's.

TCP SYN attacks creating a DDOS from leaving many half-open connectionsseems to have been mostly mitigated with SYN Cookies or similar OSchanges.

Other than buying lots of bandwidth and scrubber boxes, have any otherDDOS attack vectors been stopped or rendered useless during the lastdecade?


Spoofing?

Bots?

Protocol quirks?

Over a decade of DDOS--any progress yet? Sean Donelan (Dec 05)
- Re: Over a decade of DDOS--any progress yet? Blake Dunlap (Dec 06)
- Re: Over a decade of DDOS--any progress yet? Jonas Frey (Probe Networks) (Dec 06)
  - Re: Over a decade of DDOS--any progress yet? Patrick W. Gilmore (Dec 06)
    - Re: Over a decade of DDOS--any progress yet? David Ulevitch (Dec 06)
    - Re: Over a decade of DDOS--any progress yet? Patrick W. Gilmore (Dec 06)
    - Re: Over a decade of DDOS--any progress yet? Sean Donelan (Dec 07)
    - Re: Over a decade of DDOS--any progress yet? Patrick W. Gilmore (Dec 07)
    - Re: Over a decade of DDOS--any progress yet? Paul Ferguson (Dec 07)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 07)
    - Re: Over a decade of DDOS--any progress yet? Adrian Chadd (Dec 07)

(Thread continues...)