[182817] in North American Network Operators' Group
Re: Quakecon: Network Operations Center tour
daemon@ATHENA.MIT.EDU (Alistair Mackenzie)
Sun Aug 2 11:56:20 2015
X-Original-To: nanog@nanog.org
In-Reply-To: <466B5BC3-04F0-47D2-BD37-BFC0315DC253@arbor.net>
Date: Sun, 2 Aug 2015 16:56:16 +0100
From: Alistair Mackenzie <magicsata@gmail.com>
To: Roland Dobbins <rdobbins@arbor.net>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
While increasing bandwidth to the endpoint isn't viable wouldn't increasing
the edge bandwidth out to the ISP be a start in the right direction?
I would assume this would a start to the problem if your attacks were
volumetric.
Once the bandwidth is there you can look at mitigation before it reaches
the endpoint, in this case the computers on the floor (assuming no NAT).
On 2 Aug 2015 16:51, "Roland Dobbins" <rdobbins@arbor.net> wrote:
> On 2 Aug 2015, at 22:44, Dave Pooser wrote:
>
> I wonder if that would be a reason for the relatively anemic 1Gb Internet
>>
>> pipe-- making sure that a DDoS couldn't push enough packets through to
>> inconvenience the LAN party.
>>
>
> While increasing bandwidth is not a viable DDoS defense tactic, decreasing
> it isn't one, either.
>
> -----------------------------------
> Roland Dobbins <rdobbins@arbor.net>
>
