The DDOS problem & security BOF: Am i mistaken?
danny at tcb.net
Wed Oct 15 18:09:00 UTC 2008
Given that I both co-moderated the ISP security BOF AND
gave a ~9 minute presentation covering *empirical* data and
stats of observed attack vectors across 100 ISP networks
over 640 days, and shared a slide or two with stats from
an infrastructure security survey we've been doing and
sharing with the operations community for 4 years now, I
take a bit of offense to your comments below. I make a
concerted effort to decouple vendor pitches from both the
data sets presented and believe I did so effectively.
There was open microphone time and you were welcome to
share your thoughts. There has been context set with both
the data I presented and the survey in previous meetings and
NANOGs, it's unfortunate you're unfamiliar with this.
Rodney's presentation was one vendor's approach to a very
real problem, one that has consumed a significant amount of
ISP operations resources over the past 6 months, and you
were certainly welcome to comment on that as well - as you
note Vixie and others did - and that's a large part of the
point of the BOF, IMO.
You're welcome to contribute positively in some manner to
the next BOF - proactively - or co-moderate if you'd like,
but to address the question in the subject line directly -
"Am I mistaken", I believe yes.
Also, please don't confuse discussion of what happened at
beer n gear with what happened at the BOF.
More information about the NANOG