[47560] in North American Network Operators' Group
Re: Effective ways to deal with DDoS attacks?
daemon@ATHENA.MIT.EDU (Kurt Erik Lindqvist)
Mon May 6 12:58:14 2002
Date: Fri, 03 May 2002 11:13:21 +0200
From: Kurt Erik Lindqvist <kurtis@kurtis.pp.se>
To: Pete Kruckenberg <pete@kruckenberg.com>, nanog@merit.edu
Message-ID: <86981172.1020424401@localhost>
In-Reply-To: <Pine.LNX.4.33.0205011711080.5350-100000@minot.kruckenberg.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Errors-To: owner-nanog-outgoing@merit.edu
> What processes and/or tools are large networks using to
> identify and limit the impact of DDoS attacks?
What we are using is matching of a specific community on all of our edge
routers. A route matching this specific community will be blackholed on the
edge. All that is then needed is by our NOC or one of our customers to
announce the host under attack as a /32 with the right community and they
will not suffer under the attack. Problem then is to get the router to drop
all the packets....
- kurtis -
