[103264] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Mitigating HTTP DDoS attacks?

daemon@ATHENA.MIT.EDU (Roland Dobbins)
Mon Mar 24 18:33:05 2008

From: Roland Dobbins <rdobbins@cisco.com>
To: NANOG <nanog@merit.edu>
In-Reply-To: <1b5c1c150803241502g647465b4n549ba5149118bffc@mail.gmail.com>
Date: Tue, 25 Mar 2008 05:18:20 +0700
Errors-To: owner-nanog@merit.edu

On Mar 25, 2008, at 5:02 AM, Mike Lyon wrote:

> Any input would be greatly appreciated.

There are devices available today from different vendors (including  
Cisco, full disclosure) which are intelligent DDoS-'scrubbers' and  
which can deal with more sophisticated types of attacks at layer-7,  
including HTTP and DNS.  S/RTBH is also an option, keeping in mind  
some of the caveats you mentioned (staying mindful of attacking hosts  
behind proxies, botted hosts of legit customers, et. al.).

-----------------------------------------------------------------------
Roland Dobbins <rdobbins@cisco.com> // +66.83.266.6344 mobile

    It doesn't pay to dispute what you know to be true.

                     -- Fred Reed


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[103264] in North American Network Operators' Group

Re: Mitigating HTTP DDoS attacks?

daemon@ATHENA.MIT.EDU (Roland Dobbins)Mon Mar 24 18:33:05 2008

daemon@ATHENA.MIT.EDU (Roland Dobbins)
Mon Mar 24 18:33:05 2008