Last modified: Thu Aug 18 10:09:58 PDT 2005

Internet Denial of Service: Attack and Defense Mechanisms

Reviews and discussion of the book

Recent DDoS Developments

In Chapter 2.1 (bottom of page 13) we stated, "If the target of the attack is a company, a conceivable motive can be a competitor's wish to gain an edge in the market. So far, no attacks have been proven to have this motive."
A recently prosecuted federal case in the United States has changed this. Stories can be found here:

Errata for first printing (December 2004)

Chapter 2, Page 26.
The link is no longer active. The original story by Brian Krebs can be found at

Chapter 3, Page 50.
The second paragraph should begin, The next generation of tools... instead of This next generation. The preceding paragraph describes the first generation, not the next (second) generation.

Chapter 4, side-bar on ingress/egress filters, Page 95.
The URL cited in the footnote is no longer available. You can find another archived copy at [Thanks to Stefan Fouant for a substitute URL.]

Chapter 7, Section 7.12.1, Page 235.
Sentence beginning "McHugh extends.." should read: "McHugh and Gates extend this model in their locality approach for dealing with the outsider threat [McH03]"

Bibliography, Page 344, entry [McH03].
The reference should read: John McHugh and Carrie Gates, "Locality: A New Paradigm for Thikning About Normal Behavior and Outsider Threat," Proceedings of the New Security Paradigms Workshop (NSPW 2003), ACM Press, August 2003, pp. 3-10

Dave Dittrich <dittrich @ u dot washington dot edu>