Guarding against DoS
Lets suppose we get targeted for a DOS attack. We can pretty much assume
this will eventually happen. If a colo'ed box gets hit with 20 mbps of
incoming traffic, even if it ignores it all, then we might have to pay
$2200 that month. That is not good!
How can we keep ourselves from getting high bandwidth bills in a colo
environment? If we block the traffic at a router in our rack, we've
already received it and it has been counted. Is the only solution to
catch it quickly and get the ISP to block it upstream?