[SECURITY] Application layer attacks/DDoS attacks

jim deleskie deleskie at gmail.com
Sun May 24 01:12:35 UTC 2015

While I don't think any ISP "wants DDoS" to make $$, I do based on
experience believe that business cases have to be made for everything.
With the prices pay for BW in most of the world now, ( or the last number
of years) its going to be VERY hard to get anyone to allocated time/$$ or
energy to do anything they don't need to, to get the bit to you.


On Sat, May 23, 2015 at 6:33 PM, Ramy Hashish <ramy.ihashish at gmail.com>

> Yes Harlan, you are absolutely right, even if this won't stop the
> botnet-based DDoS attacks, but at least will significantly decrease the
> volume/frequency of the volume based attacks.
> On the other side, the DDoS protection now become a business where
> all-tiers ISPs make money of, and those ISPs is the exact place where the
> implementation of anti-spoofing make the best sense, conflict of interests
> now...
> However, the trusted network initiative might be a good approach to start
> influencing operators to apply anti-spoofing mechanisms.
> Salam,
> Ramy
> On 23 May 2015 10:48 pm, "Harlan Stenn" <stenn at ntp.org> wrote:
> Just to ask, what is the expected effect on DDoS attacks if folks
> implemented BCP38?
> How does the cost of implementing BCP38 compare to the cost of other
> solution attempts?
> H

More information about the NANOG mailing list