[164836] in North American Network Operators' Group
RE: ddos attacks
daemon@ATHENA.MIT.EDU (Ahad Aboss)
Mon Aug 5 09:51:42 2013
From: Ahad Aboss <ahad@telcoinabox.com>
In-Reply-To: <bd98b34eddcb6a695aad64ceaf9fca75@mail.airstreamcomm.net>
Date: Mon, 5 Aug 2013 21:09:05 +1000
To: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Scott,
Use a DDOS detection and mitigation system with DPI capabilities to deal
with traditional DDOS attack and anomalous behaviour such as worm
propagation, botnet attacks and malicious subscriber activity such as
flooding and probing. There are only a few vendors who successfully play in
this space who provide a self healing/self defending system.
Cheers
Ahad
-----Original Message-----
From: sgraun@airstreamcomm.net [mailto:sgraun@airstreamcomm.net]
Sent: Friday, 2 August 2013 11:37 PM
To: nanog@nanog.org
Subject: ddos attacks
I=92m curious to know what other service providers are doing to
alleviate/prevent ddos attacks from happening in your network. Are you
completely reactive and block as many addresses as possible or null0 traffi=
c
to the effected host until it stops or do you block certain ports to preven=
t
them. What=92s the best way people are dealing with them?
Scott
