[AusNOG] DDoS attack sizes
Roland Dobbins
rdobbins at arbor.net
Mon Feb 8 16:53:36 EST 2016
On 8 Feb 2016, at 12:42, Nick Evendor wrote:
> What size attacks are people seeing
The largest verified DDoS attack worldwide, so far, was 500gb/sec of
SSDP reflection/amplification.
The latest Arbor WISR report is here (free registration required):
<http://www.arbornetworks.com/resources/annual-security-report>
[Full disclosure: I work for Arbor Networks, as indicated by my email
address.]
> and is it time to over purchase bandwidth and move to a ten gigabit
> service.
That won't help, as the attackers have a lot more attack capacity
available than most defenders have bandwidth (e.g., all but the few very
largest endpoint networks). You need to be able to mitigate on your own
(S/RTBH, flowspec, etc.) and work with your peers/upstreams/MSSPs to
deal with attacks which choke transit/peering links.
There are some .pdf presos here which talk about DDoS defense, BCPs, and
so forth:
<https://app.box.com/s/4h2l6f4m8is6jnwk28cg>
-----------------------------------
Roland Dobbins <rdobbins at arbor.net>
More information about the AusNOG
mailing list