ABSTRACT
A denial-of-service (DoS) attack is any malicious attempt to deprive legiti-mate customers of their ability to access services, such as a Web server. Many ISPs are already providing free firewalls, such as ZoneAlarm, with their access software. Such firewalls can be set up to maximize restrictions on the customers’ computers. Simple measures like these can greatly improve the ability of these computers to resist hackers. Many ISPs also have blocks of IP addresses set aside that will never be the source or destination of Internet traffic. These are addresses for traffic that will never reach the Internet. Most security problems at various enterprise networks are beyond the reasonable scope of ISPs to fix. However, the distributed DoS (DDoS) problem is indeed technically different. In the reality of post-September 11 thinking, however, it is entirely conceivable that ISPs will eventually be forced to contend with government regulations mandating what they should provide by way of DDoS protection.
