[47560] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: Effective ways to deal with DDoS attacks?

daemon@ATHENA.MIT.EDU (Kurt Erik Lindqvist)
Mon May 6 12:58:14 2002

Date: Fri, 03 May 2002 11:13:21 +0200
From: Kurt Erik Lindqvist <kurtis@kurtis.pp.se>
To: Pete Kruckenberg <pete@kruckenberg.com>, nanog@merit.edu
Message-ID: <86981172.1020424401@localhost>
In-Reply-To: <Pine.LNX.4.33.0205011711080.5350-100000@minot.kruckenberg.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Errors-To: owner-nanog-outgoing@merit.edu



> What processes and/or tools are large networks using to
> identify and limit the impact of DDoS attacks?


What we are using is matching of a specific community on all of our edge 
routers. A route matching this specific community will be blackholed on the 
edge. All that is then needed is by our NOC or one of our customers to 
announce the host under attack as a /32 with the right community and they 
will not suffer under the attack. Problem then is to get the router to drop 
all the packets....

- kurtis -

home help back first fref pref prev next nref lref last post