nanog mailing list archives
Re: Over a decade of DDOS--any progress yet?
From: Christopher Morrow <morrowc.lists () gmail com>
Date: Sun, 12 Dec 2010 00:41:32 -0500
On Sun, Dec 12, 2010 at 12:20 AM, Jeffrey Lyon <jeffrey.lyon () blacklotus net> wrote:
I'm certain there are thresholds to that. Carrier grade mitigation solutions will start low and ramp up to 5, 6, 7, etc. figures depending on the attack and amount of bandwidth to be filtered among other variables.
nope, the pricing (when I was there, and I don't think it's changed much) is 3250/month for 500mbps or mitigation, though there was ~12gbps available easily before any work had to be done by the ISP... If the plan I/sfouant put in place was followed you could had scaled the capacity to much higher than that. If a customer continuously abused the 'limit' they may have been boosted to the next tier, but... I'd not ever seen that done. 3250/month... easy, peasy. -chris
Jeff On Sun, Dec 12, 2010 at 12:05 AM, Christopher Morrow <morrowc.lists () gmail com> wrote:On Fri, Dec 10, 2010 at 5:51 PM, Joel Jaeggli <joelja () bogus com> wrote:On 12/10/10 12:33 PM, Drew Weaver wrote:Nobody has really driven the point home that yes you can purchase a system from Arbor, RioRey, make your own mitigation system; what-have you, but you still have to pay for the transit to digest the attack, which is probably the main cost right now.or you outsource it and it's still costlier. Paying for DOS mitigation you rarely if ever use is quite expensive. If you use it a lot it's even more expensive, but can at least be rationalized on the basis of known costs e.g. npv calculation on the number and duration of outages...verizon's ddos service was/is 3250/month flat... not extra if there was some sort of incident, and completely self-service for the customer(s). Is 3250/month a reasonable insurance against loss? (40k/yr or there abouts) -chris-Drew -----Original Message----- From: Dobbins, Roland [mailto:rdobbins () arbor net] Sent: Wednesday, December 08, 2010 11:54 AM To: North American Operators' Group Subject: Re: Over a decade of DDOS--any progress yet? On Dec 8, 2010, at 11:47 PM, Jay Coley wrote:This has been our recent experience as well.I see a link-filling attacks with some regularity; but again, what I'm saying is simply that they aren't as prevalent as they used to be, because the attackers don't *need* to fill links in order to achieve their goals, in many cases. That being said, high-bandwidth DNS reflection/amplification attacks tip the scales, every time.Lastly there is usually always someone at the other end of these attacks watching what is working and what is notThis is a very important point - determined attackers will observe and react in order to try and defeat successful countermeasures, so the defenders must watch for shifting attack vectors. -----------------------------------------------------------------------Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>Sell your computer and buy a guitar.-- Jeffrey Lyon, Leadership Team jeffrey.lyon () blacklotus net | http://www.blacklotus.net Black Lotus Communications - AS32421 First and Leading in DDoS Protection Solutions
Current thread:
- RE: Over a decade of DDOS--any progress yet?, (continued)
- RE: Over a decade of DDOS--any progress yet? Randy McAnally (Dec 08)
- RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 10)
- Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
- Re: Over a decade of DDOS--any progress yet? Jay Coley (Dec 08)
- Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
- RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 10)
- Re: Over a decade of DDOS--any progress yet? Joel Jaeggli (Dec 10)
- Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 10)
- Re: Over a decade of DDOS--any progress yet? Christopher Morrow (Dec 11)
- Re: Over a decade of DDOS--any progress yet? Jeffrey Lyon (Dec 11)
- Re: Over a decade of DDOS--any progress yet? Christopher Morrow (Dec 11)
- RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 13)
- Re: Over a decade of DDOS--any progress yet? Christopher Morrow (Dec 13)
- Re: Over a decade of DDOS--any progress yet? Aaron Glenn (Dec 11)
- Re: Over a decade of DDOS--any progress yet? Christopher Morrow (Dec 11)
- Re: Over a decade of DDOS--any progress yet? LorĂ¡nd Jakab (Dec 13)
- RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 13)
- Re: Over a decade of DDOS--any progress yet? Christopher Morrow (Dec 13)
- Re: Over a decade of DDOS--any progress yet? Kevin Oberman (Dec 13)
- Re: Over a decade of DDOS--any progress yet? Christopher Morrow (Dec 13)
- Re: Over a decade of DDOS--any progress yet? Jared Mauch (Dec 13)