nanog mailing list archives
Re: About ddos-response () nfoservers com
From: Christopher Morrow <morrowc.lists () gmail com>
Date: Fri, 24 Jan 2014 16:38:21 -0500
On Fri, Jan 24, 2014 at 3:50 PM, Alain Hebert <ahebert () pubnix net> wrote:
Hi,
Well the abusers started to use burst and then switching targeted IP.
Last time I opened a ticket with GT-T/nLayer for a ~120Mbps NTP DDoS
Amplification "attempt" toward 2 of my IP's.
. after 2h, I called them directly to be told they lost my
original request;
. after 4h, got told it wasn't assigned yet;
. after 12h, they finally applied the filter as the amp attempt
stopped;
Based on that experience... why bother.
there are providers that have services to stop this sort of thing, there is at least one provider that does that stuff for free... you could vote with your wallet, of course.
To give you an idea, in the past 4 days and 30m queries, I'm up to 1100 blocked targets on one of my DNS Servers.
that's a bummer.
Current thread:
- About ddos-response () nfoservers com Alain Hebert (Jan 24)
- Re: About ddos-response () nfoservers com Christopher Morrow (Jan 24)
- Re: About ddos-response () nfoservers com Jared Mauch (Jan 24)
- Re: About ddos-response () nfoservers com Chris Boyd (Jan 24)
- Re: About ddos-response () nfoservers com Tei (Jan 24)
- Re: About ddos-response () nfoservers com Alain Hebert (Jan 24)
- Re: About ddos-response () nfoservers com Christopher Morrow (Jan 24)
- Re: About ddos-response () nfoservers com Chris Boyd (Jan 24)