nanog mailing list archives
Re: ddos attacks
From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Fri, 2 Aug 2013 10:38:15 -0400
On Aug 02, 2013, at 09:37 , sgraun () airstreamcomm net wrote:
I’m curious to know what other service providers are doing to alleviate/prevent ddos attacks from happening in your network. Are you completely reactive and block as many addresses as possible or null0 traffic to the effected host until it stops or do you block certain ports to prevent them. What’s the best way people are dealing with them?
#1: Ensure your network is BCP38 compliant. Hard to complain about others attacking you when you are not clear. And if you do not block source-address spoofing, you are not clean. As for the rest, I'll let others with more recent experience explain what they do. -- TTFN, patrick
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
Current thread:
- ddos attacks sgraun (Aug 02)
- Re: ddos attacks Valdis . Kletnieks (Aug 02)
- Re: ddos attacks Patrick W. Gilmore (Aug 02)
- Re: ddos attacks Jared Mauch (Aug 02)
- Re: ddos attacks Mark Andrews (Aug 02)
- Re: ddos attacks Jared Mauch (Aug 02)
- RE: ddos attacks Ahad Aboss (Aug 05)