Thursday, July 30, 2009

Squid v. DDoS

This is hardly more than worth a tweet but longer than 140 chars but Squid Defense against DDoS caught my eye.

I see two lessons here:

  • Using Open Source tools to respond to an incident is a crude but powerful technique that can get the job done. Try doing this with commercial products.
  • Environments that were properly engineered with caching and load balancing and could respond to DDoS wouldn't have to worry about the attacks in the first place.
  • 1 comment:

    Anonymous said...

    I think this is how flickr is set up. And there's a lengthy article by on some blog about how Yahoo! does it.

    But then they have no choice (cost is justified) when they're getting the number of requests they do per second. Sites that are not pushed to the limits like a flickr are probably less apt to build out.

    Open Source ("free") may be crude but consider, in addition to Yahoo!, e.g., Google makes significant use of it as well. And they have heaps of cash and heaps of engineers.

    Maybe it just works?