Over a decade of DDOS--any progress yet?
zhanna at yahoo-inc.com
Tue Oct 4 19:35:15 UTC 2011
The NIST has proposed a framework for operators to notify botnet victims.
The call for comments and article discussing it are described here:
"Comments on the proposed Code of Conduct and botnet reporting initiative
are due on or before 5 p.m. EDT, November 4, 2011.
comments on the proposal may be submitted by mail to the National
Institute of Standards and Technology at the U.S. Department of
Commerce, 1401 Constitution Avenue, NW., Room 4822, Washington, DC
20230. Submissions may be in any of the following formats: HTML, ASCII,
Word, rtf, or pdf.
Online comment submissions in electronic form may be sent to
Consumer_Notice_RFI at nist.gov.
Paper submissions should include a compact disc (CD). CDs should be
labeled with the name and organizational affiliation of the filer and
the name of the word processing program used to create the document.
Comments will be posted at http://www.nist.gov/itl/.
A list of questions are included in the Request for Information, and can
be accessed at the source link below:
IMHO this would go a long way to addressing the underlying root cause
On 12/14/10 5:34 PM, "Joel Jaeggli" <joelja at bogus.com> wrote:
>On 12/8/10 6:30 AM, Drew Weaver wrote:
>> Yes, but this obviously completes the 'DDoS attack' and sends the
>>signal that the bully will win.
>it's part of a valid mitigation strategy. shifting the target out from
>underneath the blackholed address is also part of the activity. that's
>easier in some cases than others. the bots will move and you play whack
>a rat with your upstreams.
>> From: alvaro.sanchez at adinet.com.uy
>>[mailto:alvaro.sanchez at adinet.com.uy]
>> Sent: Wednesday, December 08, 2010 8:46 AM
>> To: rdobbins at arbor.net; North American Operators' Group
>> Subject: Re: Over a decade of DDOS--any progress yet?
>> A very common action is to blackhole ddos traffic upstream by sending a
>> bgp route to the next AS with a preestablished community indicating the
>> traffic must be sent to Null0. The route may be very specific, in order
>> to impact as less as possible. This needs previous coordination between
More information about the NANOG