[120816] in North American Network Operators' Group


Re: D/DoS mitigation hardware/software needed.

daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Tue Jan 5 00:12:49 2010

From: "Dobbins, Roland" <rdobbins@arbor.net>
To: NANOG list <nanog@nanog.org>
Date: Tue, 5 Jan 2010 05:08:27 +0000
In-Reply-To: <d066472f1001042105h5fe6e50fg37fc065489714b38@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org


On Jan 5, 2010, at 12:05 PM, Rick Ernst wrote:

>
> A solution preferably that integrates with NetFlow and RTBH.  An in-line solution obviously requires an appliance, or at least special/additional hardware.

The key is to not be inline all the time, but only inline *when needed*.  This removes operational complexity, provides the ability to oversubscribe, and simplifies the routine troubleshooting matrix.

> I'm looking at taking the first whack at immediate mitigation at the border/edge (upstream) via uRPF and RTBH.

Good plan.

> Additional mitigation would be via manual or automatic RTBH or security/abuse@ involvement with upstreams.

Automagic is generally bad, as it can be gamed.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>

    Injustice is relatively easy to bear; what stings is justice.

                        -- H.L. Mencken
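Added example, not part of the original post, of the manual-trigger RTBH workflow the reply favours: constructed NetFlow-style records are aggregated per destination and candidate trigger routes are produced for operator review rather than installed, since a counter alone can be gamed. The protected prefix, the blackhole next-hop address and the IOS-style static-route syntax are assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumptions (not from the message): the prefix we originate, and the
# RFC 5737 address that the edge routers already point at Null0 for RTBH.
PROTECTED = ip_network("198.51.100.0/24")
BLACKHOLE_NEXT_HOP = "192.0.2.1"

# Constructed sample flow records: (source, destination, bytes, packets).
SAMPLE_FLOWS = [
    ("203.0.113.7", "198.51.100.10", 60_000_000, 40_000),
    ("203.0.113.8", "198.51.100.10", 55_000_000, 38_000),
    ("203.0.113.9", "198.51.100.10", 58_000_000, 39_000),
    ("203.0.113.20", "198.51.100.10", 52_000_000, 36_000),
    ("198.18.0.5", "198.51.100.44", 900_000_000, 600_000),   # one large legitimate transfer
    ("203.0.113.30", "192.0.2.200", 400_000_000, 300_000),   # not our prefix
    ("203.0.113.31", "192.0.2.200", 400_000_000, 300_000),
    ("203.0.113.32", "192.0.2.200", 400_000_000, 300_000),
]


def rtbh_candidates(flows, min_bytes=200_000_000, min_sources=3):
    """Destinations inside PROTECTED receiving at least min_bytes from at
    least min_sources distinct sources, as (dst, bytes, source_count)."""
    total = defaultdict(int)
    sources = defaultdict(set)
    for src, dst, nbytes, _pkts in flows:
        if ip_address(dst) not in PROTECTED:
            continue  # never propose a blackhole for an address we do not own
        total[dst] += nbytes
        sources[dst].add(src)
    return sorted(
        (dst, total[dst], len(sources[dst]))
        for dst in total
        if total[dst] >= min_bytes and len(sources[dst]) >= min_sources
    )


def trigger_routes(candidates):
    """Static routes for the RTBH trigger router (assumed Cisco IOS-style
    syntax; tag 666 is what the redistribution route-map matches). These are
    emitted for a human to review, not pushed: spoofed sources can inflate any
    counter, so an operator decides before a host is blackholed."""
    return [f"ip route {dst} 255.255.255.255 {BLACKHOLE_NEXT_HOP} tag 666"
            for dst, _nbytes, _nsrc in candidates]


if __name__ == "__main__":
    for line in trigger_routes(rtbh_candidates(SAMPLE_FLOWS)):
        print(line)
```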