DDoS Attacks Exceed 100 Gbps For First Time 62
wiredmikey writes "The Sixth Annual Worldwide Infrastructure Security Report, released today by Arbor Networks, revealed that DDoS attack size broke 100 Gbps for first time; up 1000% since 2005. In addition to hitting the 100 Gbps attack barrier for the first time, application layer attacks hit an all-time high. Additionally, it goes on to show that as new equipment, protocols and services are introduced into networks, the vulnerable attack surface for DDoS is expanded. DDoS attacks are likely to continue as a low cost, high-profile form of cyber-protest in 2011 and beyond."
A good use of traffic shaping by ISPs (Score:4, Interesting)
In general, I'm not a big fan of all the proposals by ISPs to limit user traffic, cap data, etc.
But, it seems to me that clamping down on DDoS's initiated by zombie networks would be a fabulous use of the related technologies. If the ISPs really want to cut down on traffic, start cutting off all the traffic from botnet zombies.
I wonder if they could even, using Deep Packet Inspection, figure out what traffic was specifically from the botnet, and refuse to route that traffic, while still allowing legitimate traffic (e.g. the user browsing the web with their web browser, playing online games, sending email, etc) from the same machines.