Quote:
|
Originally Posted by James
With a DOS attack, you can generally call the ISP of the source and get them cut off. This becomes infinitely more difficult in the distributed scenario
|
I don't see how you could do this in realtime, unless it was only a single attacker. If a DDoS hit you it would take a long time to analyze the logs and determine what sequence the attack was working on.
Even if you were adept, determining that sequence may be faster, but you'd still have to find the sources of the IP's and call the ISP's who own the IP blocks. These calls may take tens of minutes or longer on hold and whatnot. The entire time your firewall's buffer and your bandwidth is reaching critical mass.
Quote:
|
Originally Posted by Jason425
and especially if they're overseas in a 3rd world country
|
are you saying that ISP's overseas are less responsible for malicious activities of their clients?
04-28-2006, 02:20 PM
Hybrid Mode
