spf-discuss
[Top] [All Lists]

Re: Response to DDoS using SPF

2005-03-23 12:53:24
I don't mind having this discussion but I'm not sure how far this
needs to be thought through.

The bottom line is that if you are talking DDOS and a person has 20k
bots (for example) in their net, does it really matter whether which
steps you take? The real "solution" is going to be blocking the IPs of
the bots.... it takes some time and effort.  Having efficient lookups
isn't going to solve the problem (not that we shouldn't attempt to
have efficient lookups).

You make the lookups twice as efficient and the bad guy doubles the
number of bots or doubles the rate of lookups generated. Attacker (in
targetted attacks) has the initial advantage because they can increase
resources faster than defender can increase resources or improve
efficiency.

Mike


<Prev in Thread] Current Thread [Next in Thread>