DDoS using port 0 and 53 (DNS)

• Previous message (by thread): DDoS using port 0 and 53 (DNS)
• Next message (by thread): Paging Deutsche Telekom
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Jul 26, 2012, at 5:13 AM, Drew Weaver wrote:

> Another nice "emerging" tool [I say emerging because it's been around forever but nobody implements it] to deal with this is Flowspec, using flowspec you can instruct your Upstream to block traffic with much more granular characteristics.

flowspec is essentially S/RTBH with layer-4 granularity (it can do some other things, as well).  I certainly hope that vendors who've not yet implemented it will do so, it's a great tool, as you say.

Even customer-triggered S/RTBH is very useful, and some ISPs have implemented it for their customers.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton

• Previous message (by thread): DDoS using port 0 and 53 (DNS)
• Next message (by thread): Paging Deutsche Telekom
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]