[167587] in North American Network Operators' Group
Re: ddos attacks
daemon@ATHENA.MIT.EDU (Scott Weeks)
Thu Dec 19 17:03:10 2013
Date: Thu, 19 Dec 2013 14:02:54 -0800
From: "Scott Weeks" <surfer@mauigateway.com>
To: <nanog@nanog.org>
Reply-To: surfer@mauigateway.com
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--- cb.list6@gmail.com wrote:
On Dec 19, 2013 4:25 PM, "Dobbins, Roland" <rdobbins@arbor.net> wrote:
On Dec 19, 2013, at 6:12 AM, cb.list6 <cb.list6@gmail.com> wrote:
> > I am strongly considering having my upstreams to simply
> > rate limit ipv4 UDP.
>
> QoS is a very poor mechanism for remediating DDoS attacks.
> It ensures that programmatically-generated attack traffic
> will 'squeeze out' legitimate traffic.
I agree. But ... i am pretty sure i am going to do it. Trade offs.
-----------------------------------------------------------------
If you don't mind, after your first legit attack reply back to
this thread with the details, so others can learn from it when
they're looking through the archives.
scott
