Threat Level: green Handler on Duty: Rick Wanner

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

DDOS are way down? Why?

Published: 2015-02-27
Last Updated: 2015-02-27 20:04:44 UTC
by Rick Wanner (Version: 1)
0 comment(s)

I have been tracking DDOS volume and patterns for a few years.  We have seen the attacks move from DNS to NTP, to chargen then on to SSDP and occasionally QOTD.  I think we have a much better understanding of the vulnerabilities which are enabling the successful amplification of DDOS attacks. Small steps have been made, and are continuing to be made, by vendors and ISPs, to reduce the impact of this style of attack.  

What I haven't been able to understand is why since late last year, other than the occasional booter and attacks on Brian Krebs, the incidence and volume of these attacks has dropped off almost completely?

Any ideas?

-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

Keywords: DDOS
0 comment(s)
Leonard Nimoy has passed - please be alert for the rounds of Phishing and malware that will inevitably occur!
ISC StormCast for Friday, February 27th 2015 http://isc.sans.edu/podcastdetail.html?id=4375
Diary Archives