> If the IP addresses showing up at your server in a DDOS
> situation were the legitimate IP addresses for offending
> machines, filtering them out would be relatively easy in the
> scheme of things!
So what is the best architecture/method to defend against DDOS?
Unfortunately DDOS has graduated from script kiddies to
organized crime. In fact the company I work for was under DDOS
attack and received an extortion letter demanding $50,000 for a
1 year "protection" from attack. I'm aware of at least a dozen
companies in the area that received similar attacks/letters.
I wasn't involved in managing the network at the time, but I suspect
boredom and the multitude of other targets was more responsible
for the DDOS stopping than was the series of firewalls and filters
put into place.
How should one architect their systems to minimize the impact of
DDOS?
Adam
---
You are currently subscribed to e-gold-list as: [EMAIL PROTECTED]
To unsubscribe send a blank email to [EMAIL PROTECTED]
Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s)
via the web and shopping cart interfaces to help thwart keystroke loggers and common
viruses.
