[149559] in North American Network Operators' Group
Re: UDP port 80 DDoS attack
daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Wed Feb 8 08:16:38 2012
From: "Dobbins, Roland" <rdobbins@arbor.net>
To: NANOG Group <nanog@nanog.org>
Date: Wed, 8 Feb 2012 13:15:37 +0000
In-Reply-To: <CAEs2ZiJAP6gMZVE6XY_xb+cCD26e6hA1rHY19T-Rby8zFbg8Xw@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Feb 8, 2012, at 8:07 PM, bas wrote:
> As far as I see it S/RTBH is in no way a solution against smart attackers=
, of course it does help against all the kiddie attacks out
> there.
Once again, I've used S/RTBH myself and helped others use it many, many tim=
es, including to defend against attacks with shifting purported source IPs.=
flowspec, IDMS and other tools are very useful as well, but S/RTBH is sup=
ported on a lot of hardware, if operators choose to configure it.
It is not a panacea. It is one tool in the toolbox. =20
Folks can either choose to make use of it or choose not to do so; it is ope=
rationally proven, it does work, and it's certainly better than nothing. Y=
MMV.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
