Over a decade of DDOS--any progress yet?

Jack Bates jbates at brightok.net
Mon Dec 13 16:15:00 UTC 2010


On 12/13/2010 8:32 AM, Jared Mauch wrote:
> Or just buy a gig-e from cogent at 3$/meg/mo (or is it $4 this
> month?) to burn for ddos.
>
*cough* 10G burstable with 1-2G commit. Still cheaper than anything else
I have or can get, and more likely to handle those large DDOS cases,
where you can just reroute the effected network through the 10G and
mitigate with whatever hardware you have.

> Of course everyone is willing to sell you a seven-figure "solution"
> for your problems, but once you actually start talking about the
> usability, ease of provisioning, and the customer education about the
> caveats most people start to glaze quickly.
>
> Even with the right gear, technology, etc.. the vendors don't make it
> easy to deliver these solutions.

True, but they often will dedicate some time and effort during an attack 
to make things work. There are many in-house custom solutions you can 
use, and we've seen public blacklists use many of them over the years. 
If you want the extra support during the crisis, you pay the 3rd party 
for their product to get it.


Jack




More information about the NANOG mailing list