[167536] in North American Network Operators' Group
Re: ddos attacks
daemon@ATHENA.MIT.EDU (Dan White)
Wed Dec 18 11:40:25 2013
Date: Wed, 18 Dec 2013 10:36:50 -0600
From: Dan White <dwhite@olp.net>
To: Ahad Aboss <ahad@telcoinabox.com>
In-Reply-To: <6613b77386ec3b13ce249100d02290c2@mail.gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Can anyone recommend a vendor solution for DDOS mitigation? We are looking
for a solution that detects DDOS attacks from sflow information and
automatically announces BGP /32 blackhole routes to our upstream providers,
or a similar solution.
Thank You.
On 08/05/13 21:09 +1000, Ahad Aboss wrote:
>Scott,
>
>Use a DDOS detection and mitigation system with DPI capabilities to deal
>with traditional DDOS attack and anomalous behaviour such as worm
>propagation, botnet attacks and malicious subscriber activity such as
>flooding and probing. There are only a few vendors who successfully play in
>this space who provide a self healing/self defending system.
>
>Cheers
>Ahad
>-----Original Message-----
>From: sgraun@airstreamcomm.net [mailto:sgraun@airstreamcomm.net]
>Sent: Friday, 2 August 2013 11:37 PM
>To: nanog@nanog.org
>Subject: ddos attacks
>
>I’m curious to know what other service providers are doing to
>alleviate/prevent ddos attacks from happening in your network. Are you
>completely reactive and block as many addresses as possible or null0 traffic
>to the effected host until it stops or do you block certain ports to prevent
>them. What’s the best way people are dealing with them?
>
>Scott
--
Dan White
