Click here to read the latest newsletter!

ISPproNews
SearchNewz
SEOarticles










DDoS Attacks And The Role Of ISPs

By Joe Purcell
Expert Author
Article Date: 2011-09-01

DDoS attacks have been making news as of late--from Sony PSN to the FBI. Many of the attacks, such as those performed by the groups Anonymous and LulzSec among many other individuals, are done entirely out of ideology, such as the attacks on PayPal, MasterCard, and Visa last year in defense of WikiLeaks. In a global survey taken by McAfee, "[e]ighty percent of respondents have faced a large-scale denial of service attack (DDoS), and a quarter reported daily or weekly DDoS attacks." Although small DDoS and general DoS attacks can be handled by competent IT staff, large scale threats bid the assistance of ISPs.

DDoS attacks cannot be underestimated. Many corporations are going online and finding significant portions of their revenue there, and in some cases they are completely dependent on the internet. Over half of the respondents to a survey by Verisign had down time due to DDoS attacks, and almost a fourth of all respondents had sites down for more than 12 hours. For a DDoS attack to bring down an internet service even for a few hours can be very costly and have a lasting impact.

The DDoS attacks on corporations like Sony and Visa are a very different situation than just a few computers bloating HTTP connections. In these small scale situations simply blacklisting the source IP on a firewall or router can handle it. However, in a situation where a botnet is attacking a service, there is only so much the service's IT staff can do if the bandwidth to the service's servers are overloaded with traffic. This is where ISPs may be able to help.

W3C Security suggests that "the simplest and most effective solution for preventing DDoS is through a global cooperative effort to secure the internet". Purdue's Department of Computer Science released an essay on how that can be done. They use the allegory of a lake which services the water needs of cities surrounding it, but has been polluted. Each city can filter their own water, but the lake will still be polluted and unusable. By implementing filters in the lake, that is in the ISPs, the pollution can be isolated, thus making the lake usable.

For ISPs to regulate the internet in this way would compromise net neutrality. Yet, perhaps ISPs can maintain neutrality through services packages that include DDoS protection, even if it be with outside companies in an ad hoc manner who are more experienced. Corporations like DOSarrest and Arbor Networks are already working with ISPs to implement DDoS mitigation strategies. More and more companies may be looking for such protection in their ISP as such attacks become more prevalent.
About the Author:
Joe Purcell is a technology virtuoso, cyberspace frontiersman, and connoisseur of Linux, Mac, and Windows alike.

Newsletter Archive | Article Archive | Submit Article | Advertising Information | About Us | Contact


ISPproNews is an iEntry, Inc. ® publication - All Rights Reserved Privacy Policy and Legal