On Jul 15, 2008, at 5:48 AM, Sergio Castro wrote:

> The DDOS protection company you are thinking about is www.prolexic.com

There are actually many SPs offer 'clean pipes'-type DDoS mitigation
services; Prolexic, AT&T, Sprint, Rackspace, SAVVIS, and many others.

And you're correct that no responsible SP offers any sort of DDoS-
testing types of services because of the costs and potential for
collateral damage. So, in most cases, this sort of testing must take
place locally; note that very very few organizations will allow this
kind of testing against a production network, so it's generally
relegated to the lab.

As someone else pointed out, there are many many different classes of/
flavors of DoS; the main thing to keep in mind is that DoS attacks are
attacks against capacity and/or state, and how to defend against them
at all layers of the model.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins (at) cisco (dot) com [email concealed]> // +66.83.266.6344 mobile

History is a great teacher, but it also lies with impunity.

-- John Robb

------------------------------------------------------------------------

This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

[ reply ]