[186174] in North American Network Operators' Group
Re: Ransom DDoS attack - need help!
daemon@ATHENA.MIT.EDU (Roland Dobbins)
Thu Dec 3 10:20:38 2015
X-Original-To: nanog@nanog.org
From: "Roland Dobbins" <rdobbins@arbor.net>
To: nanog@nanog.org
Date: Thu, 03 Dec 2015 22:20:26 +0700
In-Reply-To: <CAA3uY602BOVHFLFK0dhp1irvKdfRDb9A1HJLEM3_hrt+FkCtYw@mail.gmail.com>
Errors-To: nanog-bounces@nanog.org
On 3 Dec 2015, at 15:15, halp us wrote:
> Based on certain details that I can't reveal here, we believe the
> magnitude of the upcoming attack may be in the several hundred Gbps.
They lie. The largest attacks we've seen from these threat actors are
in the ~60gb/sec range - which is nothing to shake a stick at, mind.
Many times, they don't follow through. But you're right to be prepared.
See these two presos:
<https://app.box.com/s/2kpbqfdl1ko3qhfhe4y8ekd1rvj24vfd>
<https://app.box.com/s/r7an1moswtc7ce58f8gg>
> I would really appreciate help in a few areas (primarily with certain
> provider contacts/intros) so we can execute our strategy (which I
> can't reveal here for obvious reasons).
All this super-secret squirrel stuff doesn't help, it's actually a
hindrance. The short answer is 'upstream ACLs'.
Nevertheless, contact me 1:1 and I'll work to hook you up with the right
folks.
-----------------------------------
Roland Dobbins <rdobbins@arbor.net>
