nanog mailing list archives

Re: Over a decade of DDOS--any progress yet?

From: Joel Jaeggli <joelja () bogus com>
Date: Tue, 14 Dec 2010 17:34:24 -0800

On 12/8/10 6:30 AM, Drew Weaver wrote:

Yes, but this obviously completes the 'DDoS attack' and sends the signal that the bully will win.


it's part of a valid mitigation strategy. shifting the target out from
underneath the blackholed address is also part of the activity. that's
easier in some cases than others. the bots will move and you play whack
a rat with your upstreams.

joel

-Drew

From: alvaro.sanchez () adinet com uy [mailto:alvaro.sanchez () adinet com uy] 
Sent: Wednesday, December 08, 2010 8:46 AM
To: rdobbins () arbor net; North American Operators' Group
Subject: Re: Over a decade of DDOS--any progress yet?

A very common action is to blackhole ddos traffic upstream by sending a 
bgp route to the next AS with a preestablished community indicating the 
traffic must be sent to Null0. The route may be very specific, in order 
to impact as less as possible. This needs previous coordination between 
providers.
Regards.

Current thread:

Re: Over a decade of DDOS--any progress yet?, (continued)
- - - Re: Over a decade of DDOS--any progress yet? JC Dill (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Matthew Petach (Dec 09)
    - RE: Over a decade of DDOS--any progress yet? George Bonser (Dec 09)
    - Re: Over a decade of DDOS--any progress yet? Lamar Owen (Dec 09)
    - Re: Over a decade of DDOS--any progress yet? Rich Kulawiec (Dec 09)
    - Re: Over a decade of DDOS--any progress yet? Matthew Petach (Dec 09)
    - Re: Over a decade of DDOS--any progress yet? Valdis . Kletnieks (Dec 09)
- Re: Over a decade of DDOS--any progress yet? alvaro.sanchez () adinet com uy (Dec 08)
  - RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? jim deleskie (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Joel Jaeggli (Dec 14)
  - Re: Over a decade of DDOS--any progress yet? Thomas Mangin (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Thomas Mangin (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
    - RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Jack Bates (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Jeffrey Lyon (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Jack Bates (Dec 08)
    - RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 08)

(Thread continues...)