22 Oct
2016
22 Oct
'16
6:09 p.m.
One way to deal with this would be for ISP's to purchase DoS attacks against their own servers (not necessarially hosted on your own network) then look at which connections from their network attacking these machines then quarantine these connections after a delay period so that attacks can't be corollated with quarantine actions easily. This doesn't require a ISP to attempt to break into a customers machine to identify them. It may take several runs to identify most of the connections associated with a DoS provider. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org