Re: Arbor Networks DoS defense product

[Pete Kruckenberg <pete () kruckenberg com>]

On Wed, 15 May 2002, Richard A Steenbergen wrote:

> It all depends on the networks involved. I'd venture to
> say that most people not associated with university
> networks see significantly less DoS, more like 1% of
> overall traffic for service providers and probably
> closer to 0% for end users who aren't IRCing.

Some presentations made at recent NANOGs discussed the
continuous noise generated by DDoS attacks, though I can't
find any numbers showing how much bandwidth the noise uses.

With the number of always-on broadband residential and
small-business customers, are education networks still the
(only) haven of hackers they used to be? Even enterprises
seem to be pretty active DDoS participants; there were/are a
lot of corporations generating CodeRed probes, and a
surprising number of residential machines.

Are there any service providers running IDS/NIDS on their
backbones and monitoring for DDoS attacks, to provide some
impirical data on the scope of DDoS traffic?

Pete.