[186318] in North American Network Operators' Group
Re: Ransom DDoS attack - need help!
daemon@ATHENA.MIT.EDU (Roland Dobbins)
Thu Dec 10 03:11:47 2015
X-Original-To: nanog@nanog.org
From: "Roland Dobbins" <rdobbins@arbor.net>
To: nanog@nanog.org
Date: Thu, 10 Dec 2015 13:51:45 +0700
In-Reply-To: <CAKDS_tnQuFzDj=9QZWO=cDFsf4qnHU2+O1=QtUnkpthZ15TGDg@mail.gmail.com>
Errors-To: nanog-bounces@nanog.org
On 10 Dec 2015, at 13:21, Joe Morgan wrote:
> We have custom in house software that watches the traffic flows from
> our edge routers and automatically blackholes any ip getting targeted.
Suggest you take a look at the presos I posted earlier and look into
S/RTBH, flowspec, some limited QoS, and some preemptive ACLs so that you
aren't forced into completing the DDoS.
-----------------------------------
Roland Dobbins <rdobbins@arbor.net>
