nanog mailing list archives

RE: Over a decade of DDOS--any progress yet?

From: Drew Weaver <drew.weaver () thenap com>
Date: Wed, 8 Dec 2010 11:14:52 -0500

I would say that > 99% of the attacks that we see are 'link fillers' with < 1% being an application attack.

thanks,
-Drew

-----Original Message-----
From: Dobbins, Roland [mailto:rdobbins () arbor net] 
Sent: Wednesday, December 08, 2010 10:41 AM
To: North American Operators' Group
Subject: Re: Over a decade of DDOS--any progress yet?

On Dec 8, 2010, at 10:36 PM, Thomas Mangin wrote:

If you are a smaller network, you need the filtering to be performed by your transit provider, as your uplink will 
otherwise be congested.


Actually, most DDoS attacks aren't link-flooding attacks - this hasn't been true for the last ~7 years or so.

I'm not saying it doesn't happen, because it does, and sometimes quite spectacularly - but in most cases, the attackers 
don't have to flood the link to achieve their desired goal.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>

               Sell your computer and buy a guitar.

Current thread:

Re: Over a decade of DDOS--any progress yet?, (continued)
- - - Re: Over a decade of DDOS--any progress yet? Matthew Petach (Dec 09)
    - Re: Over a decade of DDOS--any progress yet? Valdis . Kletnieks (Dec 09)
- Re: Over a decade of DDOS--any progress yet? alvaro.sanchez () adinet com uy (Dec 08)
  - RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? jim deleskie (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Joel Jaeggli (Dec 14)
  - Re: Over a decade of DDOS--any progress yet? Thomas Mangin (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Thomas Mangin (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
    - RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Jack Bates (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Jeffrey Lyon (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Jack Bates (Dec 08)
    - RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 08)
    - RE: Over a decade of DDOS--any progress yet? Randy McAnally (Dec 08)
    - RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 10)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Jay Coley (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)

(Thread continues...)