WANTED: ISPs with DDoS defense solutions
Stephen J. Wilcox
steve at telecomplete.co.uk
Thu Jul 31 13:30:18 UTC 2003
I take it folks havent started implementing RFC3514 yet, should solve all these
issues....
Steve
On Thu, 31 Jul 2003, Petri Helenius wrote:
>
>
> I would say that because backdoored hosts are easily available in large
> quantities, spoofing does not make sense and usually alarms various systems
> more quickly than packets from legitimate addresses.
>
> Pete
>
> ----- Original Message -----
> From: <variable at ednet.co.uk>
> To: "Rob Thomas" <robt at cymru.com>
> Cc: "NANOG" <nanog at merit.edu>
> Sent: Thursday, July 31, 2003 4:17 PM
> Subject: Re: WANTED: ISPs with DDoS defense solutions
>
>
> >
> > On Wed, 30 Jul 2003, Rob Thomas wrote:
> >
> > > I've tracked 1787 DDoS attacks since 01 JAN 2003. Of that number,
> > > only 32 used spoofed sources. I rarely see spoofed attacks now.
> >
> > Do you have any ideas as to why that is? Is it due to more providers
> > doing source filtering? It wouldn't make sense for attackers to become
> > less sophisticated unless they became more difficult to catch for other
> > reasons (e.g. botnets getting bigger).
> >
> > Rich
> >
> >
>
More information about the NANOG
mailing list