Over a decade of DDOS--any progress yet?

Jack Bates jbates at brightok.net
Wed Dec 8 10:17:44 CST 2010

On 12/8/2010 10:13 AM, Drew Weaver wrote:
> The most common attacks that I have seen over the last 12 months, and let's say I have seen a fair share have been easily detectable by the source network.
> It is either protocol 17 (UDP) dst port 80 or UDP Fragments (dst port 0..)
> What valid application actually uses UDP 80?
> You could literally wipe out a large amount of these attacks by simply filtering this.
> -Drew

You mean silly things like:

Warning, it is an 87160 line flow capture.



More information about the NANOG mailing list