Krebs on Security booted off Akamai network after DDoS attack proves pricey
Roland Dobbins
rdobbins at arbor.net
Tue Sep 27 04:05:19 UTC 2016
On 27 Sep 2016, at 6:58, Christopher Morrow wrote:
> wouldn't something as simple as netflow/sflow/ipfix synthesized on the
> CPE and kept for ~30mins (just guessing) in a circular buffer be 'good
> enough' to present a pretty clear UI to the user?
+1 for this capability in CPE.
OTOH, it will be of no use whatsoever to the user. Providing the user
with access to anomalous traffic feeds won't help, either.
Users aren't going to call in some third-party service/support company,
either.
It call comes down to the network operator, one way or another. There's
no separation in the public mind of 'my network' from 'the Internet'
that is analogous to the separation between 'the power company' and 'the
electrical wiring in my house/apartment' (and even in that space, the
conceptual separation often isn't present).
-----------------------------------
Roland Dobbins <rdobbins at arbor.net>
More information about the NANOG
mailing list