Re: Are we really this helpless? (Re: isprime DOS in progress)

[Roland Dobbins <rdobbins () cisco com>]

On Jan 24, 2009, at 1:34 PM, Jack Bates wrote:

> Now I have fun trying to explain towards upstream management why a  
> good security team and policy is important in anyone we purchase  
> transit from.

Apart from commercial DDoS mitigation services, how many folks have  
SLAs which specify DoS-related response-times, ETRs, specify levels of  
service degradation, et. al. as part of their transit contracts,  
peering agreements, hosting/co-location agreements, etc.?  How many  
end-customers have these terms written into their contracts with their  
SPs?

Has anyone ever de-peered or terminated a transit or hosting/co- 
location relationship specifically due to DoS issues?  If so, was it  
based upon specific contractual clauses related to DoS, or was some  
other metric used to justify ending the arrangement (i.e., non- 
adherence to traffic ratios due to DoS traffic, or other effects)?   
Did you have to pay a termination fee to get out of the arrangement?

-----------------------------------------------------------------------
Roland Dobbins <rdobbins () cisco com> // +852.9133.2844 mobile

     All behavior is economic in motivation and/or consequence.