- First sentence, "citizen" -> "citizens"
- I think making the point that the time to document contacts at
hosters, service providers, registrars, etc. is before an attack
starts, not after.
- Looking at "change DNS TTL to 1 hour," I think this is something
that could be done now in preparation for an attack. How would be
the best way to get this prep/not-reactive advice out? Perhaps add
a "preparing for attack" section at the top of the DFAK?
- DDoS and site takedowns and defacements don't feel like the same
issue to me and I wouldn't have clicked into DDoS mitigation to
find docs on the latter two. Maybe split this up or rename the
topic?
- This text "It is very important to keep payments for your domain
name in order." is another statement that would be useful in a
"preparing for attack" section.
- For DDos Mitigation services, Con #3 says SSL will be decrypted
briefly, which means that the provider must have a copy of your
SSL private key which is itself a con. That said, this isn't the
case for NSP-type DDoS mitigation services that work at the TCP
level instead.
- The link for "Go straight to the Responding to a Denial of Service
Attack section" takes the reader to the github page, which doesn't
feel intended.
(sent in via private email)