RE: Pros and Cons of Cloud Computing in dealing with DDoS

["Stefan Fouant" <sfouant () shortestpathfirst com>]

> -----Original Message-----
> From: Paul Ferguson [mailto:fergdawgster () gmail com]
> Sent: Thursday, November 05, 2009 8:26 PM
>
> On Thu, Nov 5, 2009 at 4:46 PM, Stefan Fouant
> <sfouant () shortestpathfirst com> wrote:
>
> > > Actually, no - the miscreants are always going to have more
> bandwidth
> > > at their disposal, plus they utilize attack vectors which provide a
> > > great deal of amplification (including at layer-7) which make
> > > bandwidth largely irrelevant.
> >
> > So if I'm hearing you correctly, you're saying that no matter how
> much
> > infrastructure you have to potentially absorb the problem, there is
> > nothing you can do because the bad guys are always going to have more
> > bandwidth at their disposal.  Man, that's a pretty bad position to be
> in
> > for a vendor who's fundamental premise is to sell boxes to deal with
> > these sorts of
> > problems. ;)
>
> Well, the fact of the matter is that you can't put 10 lb. of
> [expletive]
> in a 5 lb. bag, so to speak. :-)

Which is why vendors selling DDoS mitigation equipment will always tell you
to get a 15lb. bag first. ;)  Their solutions work, but only if you got a
bag big enough to store a lot of crap.

Stefan Fouant
GPG Key ID: 0xB5E3803D