[62163] in North American Network Operators' Group
Re: blocking AS30060
daemon@ATHENA.MIT.EDU (Jay Hennigan)
Tue Sep 16 14:02:29 2003
Date: Tue, 16 Sep 2003 10:58:08 -0700 (PDT)
From: Jay Hennigan <jay@west.net>
To: Will Yardley <william+nanog@hq.dreamhost.com>
Cc: NANOG <nanog@merit.edu>
In-Reply-To: <20030916173209.GA1770@hq.newdream.net>
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 16 Sep 2003, Will Yardley wrote:
> On Tue, Sep 16, 2003 at 01:04:18PM -0400, William Allen Simpson wrote:
>
> > Are there any adverse side effects, that anybody can think of?
>
> One is that any mail destined for this host would probably sit in the
> queue for the maximum queue lifetime, generally about 4 days, before
> bouncing as undeliverable, rather than either being rejected
> immediately.

On the other hand, if your routers have the CPU cycles to spare, an
inbound access-list along the lines of

    deny tcp 64.94.110.0 0.0.0.255 eq 80 any
    [whatever other stuff you have]
    permit ip any any

will block their return traffic from the website (including the TCP ack)
allowing them to cheerfully syn-flood DDoS themselves if enough people
do this.

This will kill the web traffic but allow mail.

--
Jay Hennigan - CCIE #7880 - Network Administration - jay@west.net
WestNet: Connecting you to the planet. 805 884-6323 WB6RDV
NetLojix Communications, Inc. - http://www.netlojix.com/
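
Added example, not part of the original message: a small first-match evaluator for the two access-list entries quoted above, showing which inbound packets they drop and which they pass. The function names, the reduced rule grammar it parses, and the host addresses in the sample packets are assumptions made for illustration.

```python
import ipaddress

def parse_rule(line):
    """Parse the subset of extended-ACL syntax used in the message:
    <action> <proto> <source> [eq <source-port>] any"""
    tok = line.split()
    action, proto, rest = tok[0], tok[1], tok[2:]
    if rest[0] == "any":
        net, wild, rest = 0, 0xFFFFFFFF, rest[1:]
    else:
        net = int(ipaddress.IPv4Address(rest[0]))
        wild = int(ipaddress.IPv4Address(rest[1]))
        rest = rest[2:]
    port = None
    if rest[:1] == ["eq"]:
        port, rest = int(rest[1]), rest[2:]
    if rest != ["any"]:
        raise ValueError(f"unsupported rule: {line!r}")
    return action, proto, net, wild, port

def evaluate(acl_lines, proto, src_ip, src_port):
    """Return the action of the first matching entry (implicit deny at the end)."""
    addr = int(ipaddress.IPv4Address(src_ip))
    for line in acl_lines:
        action, r_proto, net, wild, port = parse_rule(line)
        if r_proto not in ("ip", proto):
            continue  # "ip" matches every protocol, "tcp" only TCP
        if (addr ^ net) & ~wild & 0xFFFFFFFF:
            continue  # wildcard mask: 1 bits are "don't care", 0 bits must match
        if port is not None and port != src_port:
            continue  # "eq 80" placed after the source matches the SOURCE port
        return action
    return "deny"

# The two concrete entries from the message (the placeholder line is omitted).
ACL = ["deny tcp 64.94.110.0 0.0.0.255 eq 80 any", "permit ip any any"]

# Constructed sample packets as seen on the inbound interface.
SAMPLES = [
    ("tcp", "64.94.110.10", 80),  # web server reply from the listed /24
    ("tcp", "64.94.110.10", 25),  # SMTP reply from the same host
    ("tcp", "64.94.111.10", 80),  # web reply from a neighbouring /24
    ("udp", "64.94.110.10", 80),  # same host and port, but not TCP
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(pkt, "->", evaluate(ACL, *pkt))
```

Because the port match sits on the source side, only replies sourced from TCP port 80 in that /24 are dropped; everything else, including SMTP to and from the same addresses, falls through to the final permit.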