The DDOS problem & security BOF: Am i mistaken?

Danny McPherson danny at
Wed Oct 15 18:09:00 UTC 2008

Given that I both co-moderated the ISP security BOF AND
gave a ~9 minute presentation covering *empirical* data and
stats of observed attack vectors across 100 ISP networks
over 640 days, and shared a slide or two with stats from
an infrastructure security survey we've been doing and
sharing with the operations community for 4 years now, I
take a bit of offense to your comments below.  I make a
concerted effort to decouple vendor pitches from both the
data sets presented and believe I did so effectively.

There was open microphone time and you were welcome to
share your thoughts.  There has been context set with both
the data I presented and the survey in previous meetings and
NANOGs, it's unfortunate you're unfamiliar with this.

Rodney's presentation was one vendor's approach to a very
real problem, one that has consumed a significant amount of
ISP operations resources over the past 6 months, and you
were certainly welcome to comment on that as well - as you
note Vixie and others did - and that's a large part of the
point of the BOF, IMO.

You're welcome to contribute positively in some manner to
the next BOF - proactively - or co-moderate if you'd like,
but to address the question in the subject line directly -
"Am I mistaken", I believe yes.

Also, please don't confuse discussion of what happened at
beer n gear with what happened at the BOF.


More information about the NANOG mailing list