DOS attack tracing

Hannigan, Martin hannigan at verisign.com
Tue May 10 14:53:17 UTC 2005


> -----Original Message-----
> From: Suresh Ramasubramanian [mailto:ops.lists at gmail.com]
> Sent: Tuesday, May 10, 2005 8:06 AM
> To: Hannigan, Martin
> Cc: Kim Onnel; Scott Weeks; nanog at merit.edu
> Subject: Re: DOS attack tracing
> 
> 
> On 5/10/05, Hannigan, Martin <hannigan at verisign.com> wrote:
> > DDOS' is rather infrequent to zero for most enterprises. That DDOS
> > golden banana is rather yummy with sprinkles on top. Don't 
> get me wrong,
> > the DDOS problem is real, but not for everyone, and not as 
> frequently as
> > it's being hyped up to be. A managed service is a better way
> > to go if they're worried, IMO.
> 
> There's also the "minimze risk" thing .. take a conscious business
> decision not to host one of the typical DDoS magnets (dont allow
> people to run IRC bots on your colo farm, for example)

There's two classes of discussion here. One for service providers
who should have DDOS defense, and one for enterprises who should have
risk mitigation in mind. I think that operators should have DDOS defense
capabilities for themselves and their customers, and I think that enterprises
should seriously evaluate their need for a full blown implementation of a 
DDOS solution based on a solid risk analysis. 

As far as DOS tracing goes, using the freeware tools locally, and either
buying and/or subscribing to a ddos defense service make sense as much
as it makes sense to analyze the cost and your own capability as well as
your providers capability to quickly and successfully defend against a DDOS.

-M<



 



More information about the NANOG mailing list