Black Frog - the botnets keep coming

Valdis.Kletnieks at Valdis.Kletnieks at
Tue May 30 17:04:12 UTC 2006

On Tue, 30 May 2006 09:44:49 PDT, Alexei Roudnev said:
> Netwok must be designed to survive few DDOS attacks easily, by
> auto-isolating and auto-limiting such traffic. Else,
> you will have a serious problems if real traffic became congested (for
> example, everyone rush to download fee iPOD songs).

Mafiaboy hosed down a few big sites - I think he had something like 850
zombies under his control.  Today's botnets are averaging some 100x the size.

The problem is cost - the vast majority of sites on the Internet really *can't*
afford the resources needed to withstand the impact of a 100K zombie botnet
or a mention on Slashdot.  Even sites with big pipes have to make judgment
calls - our site has enough OC-12's worth of pipe to ride out a small attack.
But at some point, we need to draw the line and say "We're not putting in
another OC-48 until our normal traffic justifies it, and we'll just have to
bet that we don't piss off anybody with an OC-48's worth of zombies".

> Script-kiddies... what's about them, they existed in 199x-th as well and
> they will exist in 201x.

10 years ago, the script-kiddies were armed with the equivalent of switchblade
knives - now they're packing the equivalent of AK-47s and several magazines
of extra ammo.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <>

More information about the NANOG mailing list