On Wed, 15 May 2002, Richard A Steenbergen wrote:
It all depends on the networks involved. I'd venture to say that most people not associated with university networks see significantly less DoS, more like 1% of overall traffic for service providers and probably closer to 0% for end users who aren't IRCing.
Some presentations made at recent NANOGs discussed the continuous noise generated by DDoS attacks, though I can't find any numbers showing how much bandwidth the noise uses. With the number of always-on broadband residential and small-business customers, are education networks still the (only) haven of hackers they used to be? Even enterprises seem to be pretty active DDoS participants; there were/are a lot of corporations generating CodeRed probes, and a surprising number of residential machines. Are there any service providers running IDS/NIDS on their backbones and monitoring for DDoS attacks, to provide some impirical data on the scope of DDoS traffic? Pete.