[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SECURITY] Application layer attacks/DDoS attacks
- Subject: [SECURITY] Application layer attacks/DDoS attacks
- From: deleskie at gmail.com (jim deleskie)
- Date: Sat, 23 May 2015 22:12:35 -0300
- In-reply-to: <CAOLsBOuJNpJm4Hc-tsjgaEAYG=ia-bYjV-e3S22fcD8-x8JWkw@mail.gmail.com>
- References: <CAOLsBOu_xVCOUYRPNwxZGCm0RMU93QetegDsp90jX67bsZMFyw@mail.gmail.com> <CAJL_ZMOSkmhX-a=EDtiCj24u_ZBoD_yH5TrWH0xs-umpkpE=UA@mail.gmail.com> <[email protected]> <CAOLsBOvyYZ8XQL7w9CFt=tBgKAPjegnFes6snETAa=NJipWTtA@mail.gmail.com> <CAOLsBOuJNpJm4Hc-tsjgaEAYG=ia-bYjV-e3S22fcD8-x8JWkw@mail.gmail.com>
While I don't think any ISP "wants DDoS" to make $$, I do based on
experience believe that business cases have to be made for everything.
With the prices pay for BW in most of the world now, ( or the last number
of years) its going to be VERY hard to get anyone to allocated time/$$ or
energy to do anything they don't need to, to get the bit to you.
-jim
On Sat, May 23, 2015 at 6:33 PM, Ramy Hashish <ramy.ihashish at gmail.com>
wrote:
> Yes Harlan, you are absolutely right, even if this won't stop the
> botnet-based DDoS attacks, but at least will significantly decrease the
> volume/frequency of the volume based attacks.
>
> On the other side, the DDoS protection now become a business where
> all-tiers ISPs make money of, and those ISPs is the exact place where the
> implementation of anti-spoofing make the best sense, conflict of interests
> now...
>
> However, the trusted network initiative might be a good approach to start
> influencing operators to apply anti-spoofing mechanisms.
>
> Salam,
>
> Ramy
> On 23 May 2015 10:48 pm, "Harlan Stenn" <stenn at ntp.org> wrote:
>
> Just to ask, what is the expected effect on DDoS attacks if folks
> implemented BCP38?
>
> How does the cost of implementing BCP38 compare to the cost of other
> solution attempts?
>
> H
>
>