nanog mailing list archives
Re: Over a decade of DDOS--any progress yet?
From: Arturo Servin <arturo.servin () gmail com>
Date: Wed, 8 Dec 2010 10:28:34 -0200
One big problem (IMHO) of DDoS is that sources (the host of botnets) may be completely unaware that they are part of a DDoS. I do not mean the bot machine, I mean the ISP connecting those. In the other hand the target of a DDoS cannot do anything to stop to attack besides adding more BW or contacting one by one the whole path of providers to try to minimize the effect. I know that this has many security concerns, but would it be good a signalling protocol between ISPs to inform the sources of a DDoS attack in order to take semiautomatic actions to rate-limit the traffic as close as the source? Of course that this is more complex that these three or two lines, but I wonder if this has been considerer in the past. Regards. -as On 8 Dec 2010, at 10:00, nanog-request () nanog org wrote:
Date: Wed, 8 Dec 2010 10:58:38 +0000 From: bmanning () vacation karoshi com Subject: Re: Over a decade of DDOS--any progress yet? To: "Dobbins, Roland" <rdobbins () arbor net> Cc: North American Operators' Group <nanog () nanog org> Message-ID: <20101208105838.GD5841 () vacation karoshi com.> Content-Type: text/plain; charset=us-ascii actually, botnets are an artifact. claiming that the tool is the problem might be a bit short sighted. with the evolution of Internet technologies (IoT) i suspect botnet-like structures to become much more prevelent and useful for things other than coordinated attacks. just another PoV. --bill On Wed, Dec 08, 2010 at 04:46:13AM +0000, Dobbins, Roland wrote:On Dec 8, 2010, at 11:26 AM, Sean Donelan wrote:Other than trying to hide your real address, what can be done to prevent DDOS in the first place.DDoS is just a symptom. The problem is botnets. Preventing hosts from becoming bots in the first place and taking down existing botnets is the only way to actually *prevent* DDoS attacks. Note that prevention is distinct from *defending* oneself against DDoS attacks. ----------------------------------------------------------------------- Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com> Sell your computer and buy a guitar.
Current thread:
- Re: Over a decade of DDOS--any progress yet?, (continued)
- Re: Over a decade of DDOS--any progress yet? Adrian Chadd (Dec 07)
- Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 07)
- Re: Over a decade of DDOS--any progress yet? Adrian Chadd (Dec 07)
- Re: Over a decade of DDOS--any progress yet? bmanning (Dec 08)
- Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
- Re: Over a decade of DDOS--any progress yet? Thomas Mangin (Dec 08)
- Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
- Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
- Re: Over a decade of DDOS--any progress yet? JC Dill (Dec 08)
- Re: Over a decade of DDOS--any progress yet? Jack Bates (Dec 08)
- Re: Over a decade of DDOS--any progress yet? Seth Mattinen (Dec 08)
- Re: Over a decade of DDOS--any progress yet? Curtis Maurand (Dec 09)
- Re: Over a decade of DDOS--any progress yet? Greg Whynott (Dec 09)
- Re: Over a decade of DDOS--any progress yet? Simon Leinen (Dec 11)