Botnet growth allows DDoS attacks to outpace Moore's Law, and novel attack styles create additional challenges. Meanwhile, most defenders share limited technical information about attacks, often limiting reports to exaggerated bandwidth estimates. We propose information gathering via the operation of a DDoS honeypot -- a victim site likely to attract interesting attacks -- and present our findings from the operation of KrebsOnSecurity.com.