[149553] in North American Network Operators' Group
RE: UDP port 80 DDoS attack
daemon@ATHENA.MIT.EDU (George Bonser)
Wed Feb 8 04:04:45 2012
From: George Bonser <gbonser@seven.com>
To: Keegan Holley <keegan.holley@sungard.com>
Date: Wed, 8 Feb 2012 09:03:48 +0000
In-Reply-To: <CABO8Q6TE8tEDo22OnwdOvSQ+34CB-4BfBixd_duFZL=+htXfVA@mail.gmail.com>
Cc: nanog <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
>From: Keegan Holley=20
>How do you stop it?=A0=20
A provider knows what destination IP traffic they route TO a customer, don'=
t they? That should be the only source IPs they accept FROM a customer.
If you don't route it TO the customer, you shouldn't accept it FROM the cus=
tomer unless you have made special arrangements with them and verified they=
are entitled to source the traffic from the desired IPs.
