Re: DDOS solution recommendation

[Ca By <cb.list6 () gmail com>]

On Sun, Jan 11, 2015 at 5:07 AM, Mike Hammett <nanog () ics-il net> wrote:

> Why does it seem like everyone is trying to "solve" this the wrong way?
>
> Do other networks' abuse departments just not give a shit? Blackhole all
> of the zombie attackers and notify their abuse departments. Sure, most of
> the owners of the PCs being used in these scenarios have no idea they're
> being used to attack people, but I'd think that if their network's abuse
> department was notified, either they'd contact the customer about it issue
> or at least have on file that they were notified. When the unknowing
> end-user reached out to support over larger and larger parts of the
> Internet not working, they'd be told to clean up their system.
>
> The way to stop this stuff is for those millions of end users to clean up
> their infected PCs.
1. BCP38 protects your neighbor, do it.

2.  Protect yourself by having your upstream police Police UDP to some
baseline you are comfortable with.

3.  Have RTBH ready for some special case.

4.  Sleep better at night.

I do all of the above for the last 18 months.



> -----
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>
>
>
> ----- Original Message -----
>
> From: "Manuel Marín" <mmg () transtelco net>
> To: nanog () nanog org
> Sent: Thursday, January 8, 2015 11:01:47 AM
> Subject: DDOS solution recommendation
>
> Nanog group
>
> I was wondering what are are using for DDOS protection in your networks. We
> are currently evaluating different options (Arbor, Radware, NSFocus,
> RioRey) and I would like to know if someone is using the cloud based
> solutions/scrubbing centers like Imperva, Prolexic, etc and what are the
> advantages/disadvantages of using a cloud base vs an on-premise solution.
> It would be great if you can share your experience on this matter.
>
> Thank you