"cloud hosting"
also known as "hosting"
DDoS attacks have grown in volume yet again with 25 attacks larger than 100Gbps globally in Q1 2015, according to the latest stats from DDoS mitigation firm Arbor Networks. The majority of recent super-sized attacks leverage a reflection amplification technique using Network Time Protocol (NTP), Simple Service Discovery …
"Such shenanigans are possible because many service providers still do not implement filters at the edge of their network to block traffic with a ‘forged’ (spoofed) source IP addresses."
What you really meant was that ISPs and transit networks continue to forward traffic that couldn't have originated where it did.
There's no way you're calling from Letchworth if you are coming in on that circuit, sir.
I know that. I'm an intergalactic hitch-hiker calling from a scout ship of the sales fleet of the Sirius Cybernetics Corporation currently on the sub-light-speed leg of a journey between the stars known on your world, although not necessarily to you dear lady, as Pleiades Epsilon and Pleiades Zeta.
Do you mean Harmsworth?
>Serious prison time and high fines should help educate those who initiate DDoS attacks.
But are unlikely to do so.
Based on centuries of experience, plus decades of peer-reviewed studies, "policing" has an "educational" impact. Punishment, not so much.
Which is why your child is not stuck in a corner with a "dunce" cap and sign when he/she makes a spelling mistake.
> Punishment, not so much.
In this case, I disagree. From what I've read, these attacks are deliberate (they certainly cannot be accidental !) and typically done for gain (eg extortion against betting sites before a big event). Education is of no use, because the scrotes already know that what they are doing is wrong - they don't care and are only interested in the money.
Thus significant punishment is the only sensible deterrent.
To pick up from your analogy, this isn't like someone making a spelling mistake - it's more like the school bully taking everyone's lunch money (and beating up anyone that won't hand it over). You can try education, but if that fails (as is likely) then some punishment is in order.
Of course, the practical problem is actually catching the little b'stards. The IP source addresses (and you thought I was still talking about school :-) ) are spoofed - so the only way to find out where they came from is to track them back through the network, which means involving every communications outfit they travel through - good luck with that. When you find the source, it's most likely a compromised machine behind a NAT gateway - so you need the end user's help to identify the machine.
When you get there, you then have to identify where it got it's instructions from, so off you go again around the world. If you - very unlikely - find the source, then that's probably also a compromised machine - so off around the world again.
Not to mention TOR