While I don't think any ISP "wants DDoS" to make $$, I do based on experience believe that business cases have to be made for everything. With the prices pay for BW in most of the world now, ( or the last number of years) its going to be VERY hard to get anyone to allocated time/$$ or energy to do anything they don't need to, to get the bit to you. -jim On Sat, May 23, 2015 at 6:33 PM, Ramy Hashish <ramy.ihashish@gmail.com> wrote:
Yes Harlan, you are absolutely right, even if this won't stop the botnet-based DDoS attacks, but at least will significantly decrease the volume/frequency of the volume based attacks.
On the other side, the DDoS protection now become a business where all-tiers ISPs make money of, and those ISPs is the exact place where the implementation of anti-spoofing make the best sense, conflict of interests now...
However, the trusted network initiative might be a good approach to start influencing operators to apply anti-spoofing mechanisms.
Salam,
Ramy On 23 May 2015 10:48 pm, "Harlan Stenn" <stenn@ntp.org> wrote:
Just to ask, what is the expected effect on DDoS attacks if folks implemented BCP38?
How does the cost of implementing BCP38 compare to the cost of other solution attempts?
H