(Page 2 of 2)
"The fact is they cannot be expected to handle it alone. The key is to move attack detection and defense as close to the attacking machines as possible," Horan told us. "Ideally, the ISPs of the attacking parties, most of whom probably don't even know their compromised machines are participating in the attack, would drop the traffic before it even gets out onto the Internet proper. The further onto the Internet this traffic gets, the greater an effect it has."
As Horan sees it, ISPs should do this -- and potentially the legislative bodies of the countries they reside on, to take proactive action. They must analyze and filter this traffic in response to requests by the ISPs hosting the servers being attacked. Until there is this coordinated response, he said, DDoS attacks will keep being a threat to legitimate servers on the Internet.