[47273] in North American Network Operators' Group
Re: Effective ways to deal with DDoS attacks?
daemon@ATHENA.MIT.EDU (Richard A Steenbergen)
Wed May 1 22:20:09 2002
Date: Wed, 1 May 2002 22:18:39 -0400
From: Richard A Steenbergen <ras@e-gerbil.net>
To: Wojtek Zlobicki <wojtekz@idirect.com>
Cc: measl@mfn.org, nanog@merit.edu
Message-ID: <20020502021839.GC523@overlord.e-gerbil.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <014401c1f17a$1f2299f0$6401a8c0@ender>
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, May 01, 2002 at 09:38:52PM -0400, Wojtek Zlobicki wrote:
>
> How about the following :
>
> We develop a new community , being fully transitive (666 would be
> appropriate ) and either build into router code or create a route map to
> null route anything that contains this community. The effect of this being
> the distribution of the force of the attack.
This has been proposed a dozen times over, and I agree that there should
be a well known community for discarding packets. Go try and get the IETF
to add it, let me know how it goes. :)
> This aside, how effective would be using a no export community with ones
> peers (being non transitive, it would still distribute the force of the
> attack).
Many people do this already. If you're looking to purchase transit and you
think this is something you'll care about, ask for it or vote with your
wallet.
--
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
