[182873] in North American Network Operators' Group
Re: GoDaddy : DDoS : : Contact
daemon@ATHENA.MIT.EDU (Roland Dobbins)
Mon Aug 3 10:34:58 2015
X-Original-To: nanog@nanog.org
From: "Roland Dobbins" <rdobbins@arbor.net>
To: nanog@nanog.org
Date: Mon, 03 Aug 2015 21:34:50 +0700
In-Reply-To: <55BF7870.2020006@satchell.net>
Errors-To: nanog-bounces@nanog.org
On 3 Aug 2015, at 21:19, Stephen Satchell wrote:
> And any half-awake server operator would have turned on SYNCOOKIES a
> long time ago.
I hate to tell you this, but a) SYN-cookies aren't a perfect response,
as servers don't have infinite resources, and b) stateful firewalls go
down *all the time* under DDoS attacks.
It might be a good idea to search the list archives for more on this
phenomenon.
There's also information available in the Arbor WISRs; I think the first
time we explicitly asked in the survey about stateful devices going down
under DDoS was in 2010:
[Warning: free registration required, but you can opt-out of email as
part of the registration process]
<http://www.arbornetworks.com/resources/infrastructure-security-report>
-----------------------------------
Roland Dobbins <rdobbins@arbor.net>
