Academics Studied DDoS Takedowns and Said They're Ineffective, Recommend Patching Vulnerable Servers (zdnet.com) 5
A team of Dutch and German academics has studied the aftermath of a major crackdown against DDoS providers and concluded that law enforcement takedowns are largely ineffective, recommending that authorities rather focus on patching the vulnerable systems that are abused for the DDoS attacks in the first place. From a report: The study, published last year on paper-hosting service arXiv, analyzed how the DDoS-for-hire market was impacted after US and European law enforcement shut down 15 major DDoS-for-hire (aka DDoS booter, DDoS stresser) services in December 2018. The research team said it analyzed DDoS attack traffic observed at the level of three different major networks -- a tier-1 internet service provider, a tier-2 internet service provider, and a major IXP (internet exchange point). "The takedown immediately reduced the DDoS amplification traffic to reflectors," the research team said. "However, it did not have any significant effect on DDoS traffic hitting victims or on the number of attacks observed." By reflectors, the research team is referring to vulnerable servers abused during a DDoS attack.
password lockout rules can lead to some DDoS (Score:3)
password lockout rules can lead to some DDoS. That may not take that much load to trigger
Um ... (Score:4, Insightful)
DDoS Takedowns ... Ineffective, Recommend Patching Vulnerable Servers
I wasn't aware this was an "either / or" situation.
Re: (Score:2)
Quite often this is a "neither" situation, unfortunately.
Re: (Score:2)
DDOS Attacks (Score:1)