I thought we already went through this in the late 90s?
The signatures for a DDoS are well formed. As such, so are the tools built into the major network vendors and intrusion detection systems.
1) IDS/IPS see bad behavior
2) IDS sends dynamic ACLs to routers
3) Routers shun "bad" traffic
Am I missing something here? Or is this why I do this for a living?
AT isn't to blame of course, it's their hosting service/provider that should have these countermeasures already in place.
I understand that a well-crafted DDoS attack is very difficult to stop. But at the same time there is technology out there to thwart it. Heck, there is basic mitigation in IOS.
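
The three-step loop listed in the comment above (detect, push dynamic ACLs, shun), sketched as an added example that is not part of the original post. The flow records, threshold, shun lifetime, allowlist and ACL name are all constructed assumptions; only the IOS-style ACL line format is real syntax.

```python
import ipaddress
from collections import Counter

# Assumptions (not from the post): threshold, lifetime, allowlist and ACL name.
PPS_THRESHOLD = 1000   # packets per source per window treated as "bad behavior"
SHUN_SECONDS = 300     # dynamic entries expire so a false positive heals itself
ALLOWLIST = [ipaddress.ip_network("192.0.2.0/28")]  # e.g. monitoring hosts, never shunned

# Constructed sample window of (source address, packet count) flow records.
FLOWS = [
    ("198.51.100.7", 900), ("198.51.100.7", 400),
    ("203.0.113.9", 5000), ("192.0.2.5", 4000), ("198.51.100.20", 12),
]

def detect(flows, threshold=PPS_THRESHOLD):
    """Step 1: return sources whose total packets in the window exceed the threshold."""
    totals = Counter()
    for src, packets in flows:
        totals[ipaddress.ip_address(src)] += packets
    return sorted(ip for ip, n in totals.items() if n > threshold)

def build_shuns(offenders, now, allowlist=ALLOWLIST):
    """Step 2: turn offenders into time-limited shun entries, skipping the allowlist."""
    return [{"src": str(ip), "expires": now + SHUN_SECONDS}
            for ip in offenders
            if not any(ip in net for net in allowlist)]

def render_acl(shuns, now, name="DDOS-SHUN"):
    """Step 3: render unexpired entries as IOS-style extended ACL lines."""
    lines = [f"ip access-list extended {name}"]
    lines += [f" deny ip host {s['src']} any" for s in shuns if s["expires"] > now]
    lines.append(" permit ip any any")
    return lines

if __name__ == "__main__":
    shuns = build_shuns(detect(FLOWS), now=0)
    print("\n".join(render_acl(shuns, now=0)))
```

The expiry and the allowlist are the parts that keep an automated shun from becoming its own outage when a detection is wrong.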