[121082] in North American Network Operators' Group
Re: D/DoS mitigation hardware/software needed.
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Sat Jan 9 22:34:01 2010
In-Reply-To: <15DD90A7-A6DF-4489-AAA7-37A8E95270AA@arbor.net>
Date: Sat, 9 Jan 2010 22:33:19 -0500
From: Christopher Morrow <morrowc.lists@gmail.com>
To: "Dobbins, Roland" <rdobbins@arbor.net>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sat, Jan 9, 2010 at 10:21 PM, Dobbins, Roland <rdobbins@arbor.net> wrote=
:
>
> On Jan 10, 2010, at 10:05 AM, Roger Marquis wrote:
>> Have you noticed how easily Drupal servers go down with corrupt MyISAM t=
ables? =A0How would S/RTBH and/or flow-spec protect against that?
>
> We're talking about DDoS mitigation in order to keep the servers up and r=
unning, so that they don't go down ungracefully and corrupt anything in the=
first place.
have you noticed how putting your DB and WEB server on the same
hardware is a bad plan?
separate the portions of the pie... only let the attack break the
minimal portion of your deployment. Use the right tool in the right
place.
-chris
