nanog mailing list archives
Re: Effective ways to deal with DDoS attacks?
From: Hank Nussbacher <hank () att net il>
Date: Thu, 02 May 2002 11:15:28 +0200
At 04:16 AM 02-05-02 +0000, Christopher L. Morrow wrote:
What we use and we're a 'largeish' network: http://www.secsup.org/Tracking/ (shameless plug #1) Among other things this is a tool we use... there was a great set of slides and presentation given at NANOG23: http://www.nanog.org/mtg-0110/greene.html (shameless plug #2)
Shameless plug #3 from RIPE41: http://www.ripe.net/ripe/meetings/archive/ripe-41/tutorials/eof-ddos.pdf 155 slides - 2.3M -Hank Consultant Riverhead Networks (formerly Wanwall Networks) www.riverhead.com
There is also a set of papers Barry Greene from Cisco has available on the Cisco website... I'm positive he'll respond to this with the link, if he doesn't search the NANOG mailing list archive for the link it should be obvious in posts from Barry. If you want more pointers I'd be glad to chat on the phone with you, numbers included below. --Chris (chris () uu net) ####################################################### ## UUNET Technologies, Inc. ## ## Manager ## ## Customer Router Security Engineering Team ## ## (W)703-886-3823 (C)703-338-7319 ## ####################################################### On Wed, 1 May 2002, Pete Kruckenberg wrote: > > There's been plenty of discussion about DDoS attacks, and my > IDS system is darn good at identifying them. But what are > effective methods for large service-provider networks (ie > ones where a firewall at the front would not be possible) to > deal with DDoS attacks? > > Current method of updating ACLs with the source and/or > destination are slow and error-prone and hard to maintain > (especially when the target of the attack is a site that > users would like to access). > > A rather extensive survey of DDoS papers has not resulted in > much on this topic. > > What processes and/or tools are large networks using to > identify and limit the impact of DDoS attacks? > > Thanks. > Pete. > >
Current thread:
- Re: Effective ways to deal with DDoS attacks?, (continued)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 02)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 01)
- Re: Effective ways to deal with DDoS attacks? Pete Kruckenberg (May 01)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 02)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 02)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 01)
- Re: Effective ways to deal with DDoS attacks? Vincent Gillet (May 02)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 02)
- Re: Effective ways to deal with DDoS attacks? measl (May 02)
- Re: Effective ways to deal with DDoS attacks? Hank Nussbacher (May 02)
- Re: Effective ways to deal with DDoS attacks? Avleen Vig (May 02)
- Re: Effective ways to deal with DDoS attacks? Iljitsch van Beijnum (May 02)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 02)
- Re: Effective ways to deal with DDoS attacks? Iljitsch van Beijnum (May 02)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 04)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 02)