nanog mailing list archives
Re: DDoS attack with blackmail
From: William Herrin <bill () herrin us>
Date: Thu, 20 May 2021 16:07:53 -0700
On Thu, May 20, 2021 at 12:28 PM Baldur Norddahl <baldur.norddahl () gmail com> wrote:
We got attacked by a group that calls themselves "Fancy Lazarus". They want payment in BC to not attack us again. The attack was a volume attack to our DNS and URL fetch from our webserver. I am interested in any experience in fighting back against these guys.
If you announce your addresses with BGP then your first two calls should be to a DDOS mitigator and the FBI. You can reclaim your routing from the DDOS mitigator after the group gives up but should keep the relationship with the mitigator so you can more quickly activate it next time. If you don't do BGP, substitute your ISP for the DDOS mitigator and hope they're among the clueful. Call the FBI either way. There's nothing super fancy about a DDOS mitigator. They take over your BGP, bringing packets to them first instead of to you. They have big enough connections to sink whatever packets the attacker sends their way. They filter this data and then allow just the legitimate packets to make their way over a VPN back to you. Regards, Bill Herrin -- William Herrin bill () herrin us https://bill.herrin.us/
Current thread:
- DDoS attack with blackmail Baldur Norddahl (May 20)
- Re: DDoS attack with blackmail Brandon Svec via NANOG (May 20)
- Re: DDoS attack with blackmail Tim Howe (May 20)
- Re: DDoS attack with blackmail William Herrin (May 20)
- Re: DDoS attack with blackmail Lady Benjamin Cannon of Glencoe, ASCE (May 21)
- RE: DDoS attack with blackmail Jean St-Laurent via NANOG (May 21)
- RE: DDoS attack with blackmail Jean St-Laurent via NANOG (May 22)
- Re: DDoS attack with blackmail jim deleskie (May 24)
- Re: DDoS attack with blackmail Matt Erculiani (May 24)
- Re: DDoS attack with blackmail Jon Sands (May 24)
- RE: DDoS attack with blackmail Jean St-Laurent via NANOG (May 25)
- RE: DDoS attack with blackmail Jean St-Laurent via NANOG (May 21)