[82804] in North American Network Operators' Group
RE: Provider-based DDoS Protection Services
daemon@ATHENA.MIT.EDU (Chris Ranch)
Fri Jul 29 03:48:31 2005
Date: Fri, 29 Jul 2005 03:47:45 -0400
From: "Chris Ranch" <CRanch@Affinity.com>
To: "John Neiberger" <jneiberger@gmail.com>
Cc: <nanog@nanog.org>
Errors-To: owner-nanog@merit.edu
Perhaps you could improve your site's survivability by colocating or
otherwise hosting it. That is, take the T1's out of the picture... The
economics of DDoS mitigation may change in your favor too.
Changing our policy to not support irc is one of the best things we did.
I've always felt DDoS defense is just part of providing a good network
to my customers.
Chris=20
=20
Florian Weimer:
>=20
> * John Neiberger:
>=20
> > Protect thyself how? For DDoS protection to work, the nasty traffic=20
> > must be stopped before it gets to my access circuits. Once it gets=20
> > close enough for me to do anything about it directly it's too late.
>=20
> It depends. Quite a few DoS attacks are not based on=20
> bandwidth saturation or network device overload. On the=20
> other hand, if you address the easy ones within your own=20
> network, the attackers might switch to types which you can't=20
> deal with on your own. 8-(
>=20
> Anyway, you should examine *why* you (or your customers) are=20
> attacked, and address that. Everything else is likely=20
> cost-effective. Of course, this might mean you have to do=20
> without some revenue if you have customers that are DoS=20
> magnets for some reason.
>=20
