On Sat, 18 Aug 2001, jaywhy wrote:

> It really wouldn't matter even if you only got to 20%, 10% or even 5% of the
> vulnerable hosts. Those computers running a DDOS attack against anything
> would completely destroy it.

Uhm, no, imho. Even if you have 10% of the internet it still makes a big difference which 10% you have (and which internet ;-), and where your target is, and how their network is, ahem, misdesigned (if a 14y old is gonna blow it up :-), and what your route(s) to the target are. The DDoSability of a network is a big function of its design.

From my tests, and barring me playing around with custom worm test races (Exhibition event at the next Olympics? :-), in ddos there seem to be a few big factors: the cleverness of the transmitter design, the oompf of the tx vs. rx, (os cpu nic everything), and the sizes and bottlenecks of the pipes in between.

As the people who run heavily dossed servers have already evolved, by careful network design and multiple peering and redundant facilities you can make your network very D/DoSsurvivable.

cheers,
--dr