Nobody has really driven the point home that yes you can purchase a system from Arbor, RioRey, make your own mitigation system; what-have you, but you still have to pay for the transit to digest the attack, which is probably the main cost right now. -Drew -----Original Message----- From: Dobbins, Roland [mailto:rdobbins@arbor.net] Sent: Wednesday, December 08, 2010 11:54 AM To: North American Operators' Group Subject: Re: Over a decade of DDOS--any progress yet? On Dec 8, 2010, at 11:47 PM, Jay Coley wrote:
This has been our recent experience as well.
I see a link-filling attacks with some regularity; but again, what I'm saying is simply that they aren't as prevalent as they used to be, because the attackers don't *need* to fill links in order to achieve their goals, in many cases. That being said, high-bandwidth DNS reflection/amplification attacks tip the scales, every time.
Lastly there is usually always someone at the other end of these attacks watching what is working and what is not
This is a very important point - determined attackers will observe and react in order to try and defeat successful countermeasures, so the defenders must watch for shifting attack vectors. ----------------------------------------------------------------------- Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com> Sell your computer and buy a guitar.