  swhx7 Premium join:2006-07-23 Elbonia
·RoadRunner Cable
reply to sporkme Re: Encryption doesn't matter
It's not necessarily going at full speed from any one machine. The way a DDoS works relies on a lot of clients, but each one can be sending at a moderate rate, and it can still work as a DoS just because there are a lot of them. It just needs to be more than the server can handle. Slashdot blows away small sites regularly with something on the order of 100K hits/hour; with a 1000-member botnet that's only 100 requests each per hour, which is nowhere near capacity. It's normal behavior and would not get the attention of even a vigilant ISP. For big sites, heavy-duty servers, it takes a lot more, but multiply by 10 or 100 and use more clients and it's still not a big deal.
Another thing the clueless proposer doesn't seem to notice is that the participants in a DDoS aren't necessarily all on the same ISP. The first "D" is for "distributed"; they can be anywhere, and only a fraction on a single ISP.
It's just a dumbass proposal for these and other reasons.
How about this. If it's found that over 90% of the clients in most DDoS attacks run a particular vendor's operating system, make that vendor liable. It obviously sells an OS with poor security!
This is about as reasonable as the lawyer's proposal.