Re: Over a decade of DDOS--any progress yet?

[Christopher Morrow <morrowc.lists () gmail com>]

On Sun, Dec 12, 2010 at 12:20 AM, Jeffrey Lyon
<jeffrey.lyon () blacklotus net> wrote:
> I'm certain there are thresholds to that. Carrier grade mitigation
> solutions will start low and ramp up to 5, 6, 7, etc. figures
> depending on the attack and amount of bandwidth to be filtered among
> other variables.

nope, the pricing (when I was there, and I don't think it's changed
much) is 3250/month for 500mbps or mitigation, though there was
~12gbps available easily before any work had to be done by the ISP...
If the plan I/sfouant put in place was followed you could had scaled
the capacity to much higher than that.

If a customer continuously abused the 'limit' they may have been
boosted to the next tier, but... I'd not ever seen that done.

3250/month... easy, peasy.

-chris

> Jeff
>
>
> On Sun, Dec 12, 2010 at 12:05 AM, Christopher Morrow
> <morrowc.lists () gmail com> wrote:
> > On Fri, Dec 10, 2010 at 5:51 PM, Joel Jaeggli <joelja () bogus com> wrote:
> > > On 12/10/10 12:33 PM, Drew Weaver wrote:
> > > > Nobody has really driven the point home that yes you can purchase a
> > > > system from Arbor, RioRey, make your own mitigation system; what-have
> > > > you, but you still have to pay for the transit to digest the attack,
> > > > which is probably the main cost right now.
> > >
> > > or you outsource it and it's still costlier.
> > >
> > > Paying for DOS mitigation you rarely if ever use is quite expensive. If
> > > you use it a lot it's even more expensive, but can at least be
> > > rationalized on the basis of known costs e.g. npv calculation on the
> > > number and duration of outages...
> >
> > verizon's ddos service was/is 3250/month flat... not extra if there
> > was some sort of incident, and completely self-service for the
> > customer(s). Is 3250/month a reasonable insurance against loss?
> > (40k/yr or there abouts)
> >
> > -chris
> >
> > > > -Drew
> > > >
> > > >
> > > > -----Original Message----- From: Dobbins, Roland
> > > > [mailto:rdobbins () arbor net] Sent: Wednesday, December 08, 2010 11:54
> > > > AM To: North American Operators' Group Subject: Re: Over a decade of
> > > > DDOS--any progress yet?
> > > >
> > > >
> > > > On Dec 8, 2010, at 11:47 PM, Jay Coley wrote:
> > > >
> > > > > This has been our recent experience as well.
> > > >
> > > > I see a link-filling attacks with some regularity; but again, what
> > > > I'm saying is simply that they aren't as prevalent as they used to
> > > > be, because the attackers don't *need* to fill links in order to
> > > > achieve their goals, in many cases.
> > > >
> > > > That being said, high-bandwidth DNS reflection/amplification attacks
> > > > tip the scales, every time.
> > > >
> > > > > Lastly there is usually always someone at the other end of these
> > > > > attacks watching what is working and what is not
> > > >
> > > >
> > > > This is a very important point - determined attackers will observe
> > > > and react in order to try and defeat successful countermeasures, so
> > > > the defenders must watch for shifting attack vectors.
> > > >
> > > > -----------------------------------------------------------------------
> > > Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>
> > > > Sell your computer and buy a guitar.
>
>
>
> --
> Jeffrey Lyon, Leadership Team
> jeffrey.lyon () blacklotus net | http://www.blacklotus.net
> Black Lotus Communications - AS32421
> First and Leading in DDoS Protection Solutions