Comments on: Study: DDoS attacks threaten ISP infrastructure

Arbor Networks finds that DDoS attack sizes doubled last year and were more diverse in nature, taxing the IT security resources at most Internet carriers.

[The_Decider]

The solution to DDOS lies not in actions that an ISP or law enforcement can take. There are two viable solutions to this problem, doing either will solve or mitigate plenty of other security issues.

1. Ban all MS OS's.

2. Force MS to produce a secure OS that is not so easy to BOT without the users knowledge.

If the DDOSers want to attack, then they will be forced to use methods that will be easy to trace to them.

[NikEst]

The_Decider: It's not that simple. Your 'solution' will probably only stall the attacks. Every OS is vulnerable to this, pretty much no matter what. You suggest stopping the use of only MS software, but if everybody suddenly switch to say linux or os x, we'd see a very steep increase in security holes in those OSs simply because it's now worth hacker's time to find and use holes in those OSs.

[Michichael]

Pretty much. It's an age old argument - other OS's are not more secure because there are less exploits - there are less users to begin with so flaws in the OS are not as easily apparent. Not to mention it's not "worth" hacking a linux box if there's nothing to be gained by it. Most people use a Windows PC. If you've got a village in the middle of nowhere that you want to rob and ambush, with a main road, 4 lane road, and multiple little bike paths into it - you'd monitor that main road and try to ambush people on that, as you've got a far better chance of turning a profit by attacking the thing people use.

[oldmanriver2]

The comment in the article on 'reflective' attacks does not seem accurate. As far as I've always thought, this variant doesn't redirect traffic away from the target... it uses packets with forged source headers (using the target's address) and sends them to a third party, who tries to respond to the source (the target).

[ManuelLabor]

The argument that Windows is only the target because it's popular holds no water either. Which do you think a cracker would desire more, breaking into a few multigigabit linux servers, or working to build a network of tens of millions of dsl and cable based machines? With linux machines, you need far fewer to pack the same punch as a gigantic windows botnet. So, linux would obviously make the better target. Windows isn't the target because it's popular. Windows is the target because it's easy.