[175938] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: DDOS, IDS, RTBH, and Rate limiting

daemon@ATHENA.MIT.EDU (Roland Dobbins)
Sat Nov 8 21:26:05 2014

X-Original-To: nanog@nanog.org
From: "Roland Dobbins" <rdobbins@arbor.net>
To: "NANOG (nanog@nanog.org)" <nanog@nanog.org>
Date: Sun, 09 Nov 2014 09:25:50 +0700
In-Reply-To: <DC85D08B84BB854086E9524DAB67D1871613B320@Teriwood.miller.local>
Errors-To: nanog-bounces@nanog.org


On 9 Nov 2014, at 8:10, Eric C. Miller wrote:

> Does anyone have any suggestions for mitigating these type of attacks?

You can start with S/RTBH (or flowspec, if your platform supports it):

<http://tools.ietf.org/html/rfc5635>

<http://tools.ietf.org/html/rfc5575>

<https://app.box.com/s/xznjloitly2apixr5xge>

Here's a preso which discusses reflection/amplification attacks, 
including chargen reflection/amplification attacks such as the one you 
describe:

<https://app.box.com/s/r7an1moswtc7ce58f8gg>

-----------------------------------
Roland Dobbins <rdobbins@arbor.net>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[175938] in North American Network Operators' Group

Re: DDOS, IDS, RTBH, and Rate limiting

daemon@ATHENA.MIT.EDU (Roland Dobbins)Sat Nov 8 21:26:05 2014

daemon@ATHENA.MIT.EDU (Roland Dobbins)
Sat Nov 8 21:26:05 2014