Just another example of the types of attacks that can hit any Web site – even those focused on security. We’ll continue to keep an eye on the story as the Metasploit site is still under siege, but what becomes interesting to see is the transition in articles about DDoS.  A DDoS attack of this size years ago would have taken down a large site while today it is still quite small compared to the bandwidth and protection levels deployed by Internet giants.  As such, it seems like we are getting to the back side of the DDoS boom where you have botnet owners picking sites without monetary gain but just for a bit of visibility against targets that in many cases aren’t even investing in heavy defenses because of the lack of business impact.  More interesting is how we continue to cover these stories but how they are rapidly moving to the bottom of the news.

The question I think about is which direction will things go in DDoS defense?  Will every site need protection just to make the Internet useful, just like Anti-SPAM is a requirement to get anything done in email?   Or will this be one of those things that is a nuisance now and just fades over time as the benefit of attack doesn’t even highlight an article?