[177278] in North American Network Operators' Group
Re: DDOS solution recommendation
daemon@ATHENA.MIT.EDU (Phil Bedard)
Sun Jan 11 14:34:11 2015
X-Original-To: nanog@nanog.org
Date: Sun, 11 Jan 2015 14:34:03 -0500
From: Phil Bedard <bedard.phil@gmail.com>
To: Mike Hammett <nanog@ics-il.net>,
<nanog@nanog.org>
In-Reply-To: <18730191.2584.1420993984566.JavaMail.mhammett@ThunderFuck>
Errors-To: nanog-bounces@nanog.org
Many attacks can use spoofed source IPs, so who are you really blocking?
That's why BCP38 as mentioned many times already is a necessary tool in
fighting the attacks overall.
Phil
On 1/11/15, 4:33 PM, "Mike Hammett" <nanog@ics-il.net> wrote:
>I didn't necessarily think I was shattering minds with my ideas.
>
>I don't have the time to read a dozen presentations.
>
>Blackhole them and move on. I don't care whose feelings I hurt. This
>isn't kindergarten. Maybe "you" should have tried a little harder to not
>get a virus in the first place. Quit clicking on male enhancement ads or
>update your OS occasionally. I'm not going to spend a bunch of time and
>money to make sure someone's bubble of bliss doesn't get popped. Swift,
>effective, cheap. Besides, you're only cut off for 30 days. If in 30 days
>you can prove yourself to be responsible, we can try this again. Well,
>that or a sufficient support request.
>
>Besides, if enough people did hat, the list of blackholes wouldn't be
>huge as someone upstream already blocked them.
>
>
>
>
>-----
>Mike Hammett
>Intelligent Computing Solutions
>http://www.ics-il.com
>
>
>
>----- Original Message -----
>
>From: "Roland Dobbins" <rdobbins@arbor.net>
>To: nanog@nanog.org
>Sent: Sunday, January 11, 2015 9:29:33 AM
>Subject: Re: DDOS solution recommendation
>
>
>On 11 Jan 2015, at 22:21, Mike Hammett wrote:
>
>> I'm not saying what you're doing is wrong, I'm saying whatever the
>> industry as a whole is doing obviously isn't working and perhaps a
>> different approach is required.
>
>You haven't recommended anything new, and you really need to do some
>reading in order to understand why it isn't as simple as you seem to
>think it is.
>
>> Security teams? My network has me, myself and I.
>
>And a relatively small network, too.
>
>> If for example ChinaNet's abuse department isn't doing anything about
>> complains, eventually their whole network gets blocked a /32 at a
>> time. *shrugs* Their loss.
>
>Again, it isn't that simple.
>
>-----------------------------------
>Roland Dobbins <rdobbins@arbor.net>
>
