The Market Ticker
The Digital First Amendment Enforcement Act; entered at 2019-03-19 09:58:38
Tickerguy
Posts: 203329
Registered: 2007-06-26
@Mtdm - Having a DDOS result in someone being "asked to leave" is identical to asking someone to leave because they're black and a KKK convention is in town; you're concerned by the white hooded people out front who you think might burn your business down.

The problem with throwing the black guy out is that you just told the mob that showing up in front of your business works. If BY LAW you can't throw the black guy out then the KKK dudes get nowhere with their threats, and now people can turn their attention to identifying them and imposing sanction.

We had people try this sort of crap back when I ran MCSNet; there are things you can do at your edge that greatly attenuate the ability of people to "get" you other than by raw packet flood (e.g. overloading of circuits.) Raw overload attempts are best dealt with through billing and acceptance policy (in other words you throw the issue as a matter of contract back at the people where it's coming from.) That in turn suddenly gets them REAL interested in not accepting and passing that crap themselves since they can't get paid for it.

High bitrate pipes into individual users make them "attractive nuisances" if providers to those users are not proactive in their network design, but being proactive isn't very difficult. There's simply no reason for a provider to allow high-bitrate UDP or control (e.g. SYN/FIN, etc) to come out of an edge device OTHER THAN in very specific cases (e.g. the ports for a VPN or similar) and such policy-rate enforcement is not hard to do at the edge level.

At the end of the day a DDOS attack is mostly NOT about actually taking the target offline, since that requires continual action and, with continual action, you can be traced and prosecuted. The damage for which you can get tagged in such a situation is enormous -- enough to bankrupt ANYONE and ANY provider under joint and several liability. The problem is that the KKK hooded dudes don't actually have to maintain their vigil in the digital space if you let a UIS throw people out; they only need to threaten. Making it unprofitable goes a long way toward making a DDOS attack worthless and increasing the risk of engaging in one, and technical mitigations exist that as a matter of best practice can be required in order for a provider who gets used in propagating one to be held harmless -- otherwise the liability is theirs on a joint and several basis, and it doesn't take many of those instances to bankrupt any firm that refuses to implement them.
2019-03-19 09:58:38
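
The edge-level policy-rate enforcement described in the post above, as an added example that is not part of the original post: a per-subscriber token-bucket policer for outbound UDP and TCP control packets, with VPN ports exempt. The rate limits, the exempt port list, the inclusion of RST, and the packet record fields are all assumptions made for illustration, and the traffic is constructed.

```python
from collections import Counter

VPN_UDP_PORTS = {500, 4500, 51820}     # assumed exemptions: IKE, IPsec NAT-T, WireGuard
CONTROL_FLAGS = {"SYN", "FIN", "RST"}  # RST is an assumption covering the post's "etc"
LIMITS = {"udp": (125_000, 125_000),   # bytes/s and burst bytes (1 Mbit/s, assumed)
          "ctl": (50, 50)}             # packets/s and burst packets (assumed)

class TokenBucket:
    def __init__(self, rate, burst, now):
        self.rate, self.burst, self.tokens, self.last = rate, burst, burst, now
    def allow(self, now, cost):
        # Refill for elapsed time, capped at burst, then spend if enough remains.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens < cost:
            return False
        self.tokens -= cost
        return True

def classify(pkt):
    """Return the policed class for an outbound packet, or None if unpoliced."""
    if pkt["proto"] == "udp":
        return None if pkt["dport"] in VPN_UDP_PORTS else "udp"
    if pkt["proto"] == "tcp" and CONTROL_FLAGS & set(pkt["flags"]):
        return "ctl"
    return None

def police(packets):
    """Police egress per subscriber; return (forwarded, dropped) Counters by class."""
    buckets, fwd, drop = {}, Counter(), Counter()
    for p in packets:
        cls = classify(p)
        if cls is None:                # VPN ports and ordinary TCP data pass untouched
            fwd["unpoliced"] += 1
            continue
        rate, burst = LIMITS[cls]
        b = buckets.setdefault((p["src"], cls), TokenBucket(rate, burst, p["t"]))
        cost = p["len"] if cls == "udp" else 1   # UDP by bytes, control by packets
        (fwd if b.allow(p["t"], cost) else drop)[cls] += 1
    return fwd, drop

def sample():
    # Constructed traffic: one second of egress from a single subscriber port.
    mk = lambda i, **kw: {"t": i / 1000, "src": "198.51.100.7", "len": 1000, "flags": (), **kw}
    pk = [mk(i, proto="udp", dport=53) for i in range(1000)]        # 8 Mbit/s UDP burst
    pk += [mk(i, proto="udp", dport=51820) for i in range(1000)]    # VPN traffic, exempt
    pk += [mk(i * 2, proto="tcp", dport=443, flags=("SYN",), len=60) for i in range(500)]
    pk += [mk(i, proto="tcp", dport=443, flags=("ACK",)) for i in range(1000)]
    return sorted(pk, key=lambda p: p["t"])
```

Calling `police(sample())` shows the VPN and established-TCP traffic forwarded in full while roughly three quarters of the bulk UDP and four fifths of the SYN burst are dropped at the subscriber's own edge port.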