| The attacks I have been able to detect represent around | 10-15% of my traffic on an on-going basis. | | I'm curious about the business case for investing in DoS | defense mechanisms. DoS traffic is boosting service provider | revenues through increased customer bandwidth usage. So the If and when (a) customers don't get exemption for attack traffic (b) the DoS traffic occurs more than 5% (or 1 - your percentile level) of the month per customer circuit (c) the DoS increases bytes transferred like large ICMP packet flood; this is not the case for all DoS traffic, which can be a bunch of small packets that actually decreases traffic | investment in defense mechanisms like Arbor would have to | replace or increase that revenue. Will these issues inhibit | wide-spread implementation of DoS defenses? I think a network that profits from client suffering doesn't keep its contracts for much time. Rubens Kuhl Jr.