North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: WANTED: ISPs with DDoS defense solutions

  • From: variable
  • Date: Wed Jul 30 18:18:29 2003

On Wed, 30 Jul 2003, Mike Tancsa wrote:

> I recall one of our users was involved in a DoS once a few years back
> when the "giant pings" could crash MS boxes. The fact that his perceived
> anonymity was removed was enough to keep him from repeating his
> attacks....

That's the heart of the problem.  Anyone who's owned enough boxes can sit 
there happily running a DDoS anonymously against a target because:

1) The OS/software/default settings for a lot of internet connected 
machines are weak, making it easy to attack from multiple locations.

2) A lot of networks have no customer or egress filtering and make it a 
lot more difficult to trace DDoS traffic because it generally uses faked 
source addresses.

If these issues are addressed then it becomes a lot harder to remain 
anonymous and starting DDoS attacks against targets that can trace you 
becomes a lot less attractive.