Last Updated: 2015-02-27 20:04:44 UTC
by Rick Wanner (Version: 1)
I have been tracking DDOS volume and patterns for a few years. We have seen the attacks move from DNS to NTP, to chargen then on to SSDP and occasionally QOTD. I think we have a much better understanding of the vulnerabilities which are enabling the successful amplification of DDOS attacks. Small steps have been made, and are continuing to be made, by vendors and ISPs, to reduce the impact of this style of attack.
What I haven't been able to understand is why since late last year, other than the occasional booter and attacks on Brian Krebs, the incidence and volume of these attacks has dropped off almost completely?
-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)