SRO: It's Time To Take A Stand [to Protect Against DDoS Attacks]Feb 22, 2000, 15:48 (0 Talkback[s])
(Other stories by Steven J. Vaughan-Nichols)
"...new tools--combined with good system and security administration--will help to limit the damage from these assaults. ... Another suggestion: Distribute a site's network load to different ISPs and DNS servers. Yahoo's site, for example, even during the worst portions of the storm, never completely failed. In no small part, that is because Yahoo relies upon a distributed network architecture provided by Inktomi. If you don't provide such architectures for your customers, now is the time to start."
"To stop attacks before they start, check server systems for the DDoS Trojan programs: Trinoo, Tribe Flood Network, TFN2000 and stacheldraht. These have been found only on Solaris, but experts say it's only a matter of time before they're ported to other operating systems."
"With the rise of high-speed DSL and cable-modem Net connections, even the smallest of customers might become the launching pad for significant DDoS attacks. For ISPs and CLECs, the eventual, expensive answer may be to install DDoS blocking solutions on or near their main routers. In the short run, installing personal firewalls for smaller customers is a wise step."