[149453] in North American Network Operators' Group
Re: UDP port 80 DDoS attack
daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Sun Feb 5 20:21:13 2012
From: "Dobbins, Roland" <rdobbins@arbor.net>
To: NANOG Group <nanog@nanog.org>
Date: Mon, 6 Feb 2012 01:20:11 +0000
In-Reply-To: <CABO8Q6S=OiE-dbw-MstMe5tDwX4Sk+qJY=pHNkB0VWgQ=tQr=Q@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Feb 6, 2012, at 8:10 AM, Keegan Holley wrote:
> An entire power point just to recommend ACL's, uRPF, CPP, DHCP snooping, =
and RTBH?
Actually, no, that isn't the focus of the preso.
> The first four will not work against a DDOS attack
This is incorrect - suggest you read the preso.
> and the last one just kills the patient so he does not infect other patie=
nts.=20
S/RTBH - as opposed to D/RTBH - doesn't kill the patient. Again, suggest y=
ou read the preso.
There's been a lot of discussion on this topic on NANOG, suggest you take a=
look through the archives.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
The basis of optimism is sheer terror.
-- Oscar Wilde
