nanog mailing list archives
Re: Effective ways to deal with DDoS attacks?
From: "Christopher L. Morrow" <chris () UU NET>
Date: Thu, 2 May 2002 04:39:12 +0000 (GMT)
On Wed, 1 May 2002, dies wrote:
Then you are pushing out /32's and peers would need to accept them. Then someone will want to blackhole /30's, /29's, etc. Route bloat. Yum!
Yes.
Additionally you are creating a way to basically destroy the Internet as a whole. One kiddie gets ahold of a router, say of a large backbone provider, takes one of their aggregate blocks (/16? /10? /8?) and splits it into /32 announcements.
Or, blackhole the /16 :) more fun! (assuming no other smaller announcements inside that /16 of course)
Anyways, some providers already allow you to set a community on a route, and they will inturn "blackhole" it for you. I believe Teleglobe does this for some customers and I know UUNet does this for all customers.
Hmm, Mr. 'dies' is almost correct... if you are a UUNET customer and you would like to do this please call the customer service center and they will help you to configure this 'service'. Thanks though Mr. 'dies' :)
On Wed, 1 May 2002, Wojtek Zlobicki wrote:What processes and/or tools are large networks using to identify and limit the impact of DDoS attacks?A great deal of thought is being expended on this question, I am certain, however, how many of these thought campaings have born significant fruityet,I do not know.How about the following : We develop a new community , being fully transitive (666 would be appropriate ) and either build into router code or create a route map to null route anything that contains this community. The effect of this being the distribution of the force of the attack. This aside, how effective would be using a no export community with ones peers (being non transitive, it would still distribute the force of the attack).
Current thread:
- Re: Effective ways to deal with DDoS attacks?, (continued)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 01)
- Re: Effective ways to deal with DDoS attacks? Basil Kruglov (May 01)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 01)
- Message not available
- Forget Bernie... blitz (May 02)
- Re: Forget Bernie... Rachel K. Warren (May 02)
- RE: Forget Bernie... Eric Germann (May 02)
- Re: Effective ways to deal with DDoS attacks? Hank Nussbacher (May 02)
- Re: Effective ways to deal with DDoS attacks? Leo Bicknell (May 01)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 01)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 01)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 01)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 01)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 01)
- Re: Effective ways to deal with DDoS attacks? Vadim Antonov (May 02)
- Re: Effective ways to deal with DDoS attacks? Jeff Workman (May 02)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 01)
- Re: Effective ways to deal with DDoS attacks? Pete Kruckenberg (May 01)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 01)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 02)