I was listening to the security now podcast today which was about denial of service attack. Steve Gibson called it "web weaponry". That guy just loves to coin terms. Anyway the only defense that Steve mentioned was the fact that some company has to pay alot of money for bigger pipes. This way it can actually have a chance of operating and handling some of the legit traffic until the attack can be stopped. I had an idea for another defense which seems kinda obvious if you think about it. Its called "obscurity". Yea they taught us in college that security by obscurity is a sin but this is a different. Any company that relies on internet connectivity for their livelihood should not be telling the public about it. Only the people who need to know about it should know about it. Ofcourse if the clients are the public then there is no choice but otherwise keep your mouse shut!