[175951] in North American Network Operators' Group


Re: DDOS, IDS, RTBH, and Rate limiting

daemon@ATHENA.MIT.EDU (Matt Palmer)
Sun Nov 9 00:13:31 2014

X-Original-To: nanog@nanog.org
Date: Sun, 9 Nov 2014 16:13:21 +1100
From: Matt Palmer <mpalmer@hezmatt.org>
To: nanog@nanog.org
Mail-Followup-To: nanog@nanog.org
In-Reply-To: <Pine.LNX.4.61.1411082230090.10544@soloth.lewis.org>
Errors-To: nanog-bounces@nanog.org

On Sat, Nov 08, 2014 at 10:37:45PM -0500, Jon Lewis wrote:
> On Sun, 9 Nov 2014, Roland Dobbins wrote:
> >But this kind of thing punishes the victim.  It's far better to do
> >everything possible to *protect* the target(s) of an attack, and
> >only use D/RTBH as a last resort.
> 
> I'm sure it's not always the case, but in my experience as a SP, the
> victim virtually always did something to instigate the attack

Like have the temerity to have a successful online store.  Or be featured in
the mainstream media for providing information during a natural disaster. 
The bastards.  I've dealt with far more DDoS attacks that were for the
purposes of extortion or lulz than were due to the recipient "instigating
the attack".  Perhaps that's a function of not attempting to cater to the
lowest common denominator.

- Matt

