Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Client DDoS requests, ideas?
From: Roland Dobbins <rdobbins () cisco com>
Date: Tue, 15 Jul 2008 07:15:58 +0700

On Jul 15, 2008, at 5:48 AM, Sergio Castro wrote:

The DDOS protection company you are thinking about is www.prolexic.com

There are actually many SPs offer 'clean pipes'-type DDoS mitigation services; Prolexic, AT&T, Sprint, Rackspace, SAVVIS, and many others.

And you're correct that no responsible SP offers any sort of DDoS- testing types of services because of the costs and potential for collateral damage. So, in most cases, this sort of testing must take place locally; note that very very few organizations will allow this kind of testing against a production network, so it's generally relegated to the lab.

As someone else pointed out, there are many many different classes of/ flavors of DoS; the main thing to keep in mind is that DoS attacks are attacks against capacity and/or state, and how to defend against them at all layers of the model.

Roland Dobbins <rdobbins () cisco com> // + mobile

     History is a great teacher, but it also lies with impunity.

                   -- John Robb

This list is sponsored by: Cenzic

Top 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]