[70665] in North American Network Operators' Group
Re: handling ddos attacks
daemon@ATHENA.MIT.EDU (Paul Vixie)
Fri May 21 00:22:15 2004
From: Paul Vixie <paul@vix.com>
To: "P.Schroebel" <crossfire@smsonline.net>
Cc: nanog@merit.edu, scott@cc.wwu.edu
In-Reply-To: Message from "P.Schroebel" <crossfire@smsonline.net>
of "Thu, 20 May 2004 22:04:58 -0400."
<010d01c43ed8$04a66bd0$8501a442@dasboot>
Date: Fri, 21 May 2004 04:16:23 +0000
Errors-To: owner-nanog-outgoing@merit.edu
> Ok, I 'll buy that right now; we have a DDoS Attack on our core nameservers
> from 66.165.10.24. Where do we start, do I call the police in Bellingham or
> Washington State Police. We have blocked their ips but, we know they will
> come in another way.
the best thing is if you call the FBI, or NIPC. if you call your local FBI
field office and say you're experiencing a cyberattack and could they give
you the number for NIPC then it'll probably produce the results you want,
even if NIPC has been renamed one or more times since i last talked to them,
or if this old functionality within FBI is now handled by DHS, or both.
