[70654] in North American Network Operators' Group
Re: handling ddos attacks
daemon@ATHENA.MIT.EDU (Tim Wilde)
Thu May 20 22:53:31 2004
Date: Thu, 20 May 2004 22:10:31 -0400 (EDT)
From: Tim Wilde <twilde@dyndns.org>
To: "P.Schroebel" <crossfire@smsonline.net>
Cc: nanog@merit.edu
In-Reply-To: <010d01c43ed8$04a66bd0$8501a442@dasboot>
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, 20 May 2004, P.Schroebel wrote:
> Ok, I 'll buy that right now; we have a DDoS Attack on our core nameservers
> from 66.165.10.24. Where do we start, do I call the police in Bellingham or
> Washington State Police. We have blocked their ips but, we know they will
> come in another way.
Call your local branch of the US Secret Service, if you're in the states,
and ask for their electronic crimes division. If you're not in the
states, contact your comprable local authority. They can work with you to
coordinate with other jurisdictions, etc.
You may have some luck directly with the local police at the point of
origin, but it generally helps to have a broader agency involved to
coordinate matters.
--
Tim Wilde
twilde@dyndns.org
Systems Administrator
Dynamic Network Services, Inc.
http://www.dyndns.org/
