nanog mailing list archives
Re: Access Lists
From: Dan Boehlke <dboehlke () mr net>
Date: Thu, 26 Mar 1998 00:35:55 -0600 (CST)
You could just withdraw your BGP announcement for the net being attacked and suddenly the attack packets will die at the first router without a default route on their way to the victim. On Wed, 25 Mar 1998, Martin, Christian wrote:
Hello All, I have a customer who is being ping-flooded. His bandwidth is being sucked up due to these floods, and wishes me to block them on my router. I am somewhat reluctant to do this, since it goes against our policy; however, the customer has been very patient with us on this issue and his patience is running out. I would be implementing on a Cisco 7507, with 3 T-3s to the Internet, and the customer hangs off the router on a T-1. What is the general consensus on providing such a service, particularly in terms of processing overhead and manageability. Is there another way to prevent this type of attack, aside from watching packets go by and trying to trace it back through the source. The source IPs are spoofed. Thanks! Christian Martin
-- Dan Boehlke, Senior Network Engineer M R N e t Internet: dboehlke () mr net A MEANS Telcom Company Phone: 612-362-5814 2829 SE University Ave. Suite 200 WWW: http://www.mr.net/~dboehlke/ Minneapolis, MN 55414
Current thread:
- Access Lists Martin, Christian (Mar 25)
- Re: Access Lists Dan Boehlke (Mar 25)
- Re: Access Lists Phil Howard (Mar 25)
- Re: Access Lists Dan Boehlke (Mar 26)
- Re: Access Lists Phil Howard (Mar 26)
- Re: Access Lists Phil Howard (Mar 25)
- Re: Access Lists Dan Boehlke (Mar 25)
- <Possible follow-ups>
- RE: Access Lists Martin, Christian (Mar 25)
- Re: Access Lists Steve Sobol (Mar 26)
- RE: Access Lists Martin, Christian (Mar 25)
- RE: Access Lists Rich Sena (Mar 26)
- Re: Access Lists Steve Sobol (Mar 26)
- RE: Access Lists Martin, Christian (Mar 26)
- Re: Access Lists John Navitsky (Mar 27)