Over a decade of DDOS--any progress yet?

• Previous message (by thread): Over a decade of DDOS--any progress yet?
• Next message (by thread): Over a decade of DDOS--any progress yet?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Dec 12, 2010 at 12:20 AM, Jeffrey Lyon
<jeffrey.lyon at blacklotus.net> wrote:
> I'm certain there are thresholds to that. Carrier grade mitigation
> solutions will start low and ramp up to 5, 6, 7, etc. figures
> depending on the attack and amount of bandwidth to be filtered among
> other variables.
>

nope, the pricing (when I was there, and I don't think it's changed
much) is 3250/month for 500mbps or mitigation, though there was
~12gbps available easily before any work had to be done by the ISP...
If the plan I/sfouant put in place was followed you could had scaled
the capacity to much higher than that.

If a customer continuously abused the 'limit' they may have been
boosted to the next tier, but... I'd not ever seen that done.

3250/month... easy, peasy.

-chris

> Jeff
>
>
> On Sun, Dec 12, 2010 at 12:05 AM, Christopher Morrow
> <morrowc.lists at gmail.com> wrote:
>> On Fri, Dec 10, 2010 at 5:51 PM, Joel Jaeggli <joelja at bogus.com> wrote:
>>> On 12/10/10 12:33 PM, Drew Weaver wrote:
>>>> Nobody has really driven the point home that yes you can purchase a
>>>> system from Arbor, RioRey, make your own mitigation system; what-have
>>>> you, but you still have to pay for the transit to digest the attack,
>>>> which is probably the main cost right now.
>>>
>>> or you outsource it and it's still costlier.
>>>
>>> Paying for DOS mitigation you rarely if ever use is quite expensive. If
>>> you use it a lot it's even more expensive, but can at least be
>>> rationalized on the basis of known costs e.g. npv calculation on the
>>> number and duration of outages...
>>>
>>
>> verizon's ddos service was/is 3250/month flat... not extra if there
>> was some sort of incident, and completely self-service for the
>> customer(s). Is 3250/month a reasonable insurance against loss?
>> (40k/yr or there abouts)
>>
>> -chris
>>
>>>> -Drew
>>>>
>>>>
>>>> -----Original Message----- From: Dobbins, Roland
>>>> [mailto:rdobbins at arbor.net] Sent: Wednesday, December 08, 2010 11:54
>>>> AM To: North American Operators' Group Subject: Re: Over a decade of
>>>> DDOS--any progress yet?
>>>>
>>>>
>>>> On Dec 8, 2010, at 11:47 PM, Jay Coley wrote:
>>>>
>>>>> This has been our recent experience as well.
>>>>
>>>> I see a link-filling attacks with some regularity; but again, what
>>>> I'm saying is simply that they aren't as prevalent as they used to
>>>> be, because the attackers don't *need* to fill links in order to
>>>> achieve their goals, in many cases.
>>>>
>>>> That being said, high-bandwidth DNS reflection/amplification attacks
>>>> tip the scales, every time.
>>>>
>>>>> Lastly there is usually always someone at the other end of these
>>>>> attacks watching what is working and what is not
>>>>
>>>>
>>>> This is a very important point - determined attackers will observe
>>>> and react in order to try and defeat successful countermeasures, so
>>>> the defenders must watch for shifting attack vectors.
>>>>
>>>> -----------------------------------------------------------------------
>>>>
>>>>
>>> Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
>>>>
>>>> Sell your computer and buy a guitar.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>
>>
>
>
>
> --
> Jeffrey Lyon, Leadership Team
> jeffrey.lyon at blacklotus.net | http://www.blacklotus.net
> Black Lotus Communications - AS32421
> First and Leading in DDoS Protection Solutions
>

• Previous message (by thread): Over a decade of DDOS--any progress yet?
• Next message (by thread): Over a decade of DDOS--any progress yet?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]