GoDaddy : DoS :: Contact

Alistair Mackenzie magicsata at gmail.com
Mon Aug 3 13:20:11 UTC 2015


Source based black holing would work in this case providing it was done at
GoDaddy's edge.
On 3 Aug 2015 01:58, "Mel Beckman" <mel at beckman.org> wrote:

> Blackholing isn't what you want. That will still permit his source IP into
> your network, and only blackhole replies from your network, so the attack
> will still consume bandwidth. What you should request is a source IP ACL
> blocking that address at your upstream' border.
>
> BGP is no help in these situations, unless you use a BGP-based DDoS
> protection service.
>
>  -mel beckman
>
> On Aug 2, 2015, at 5:17 PM, Jason LeBlanc <jason.leblanc at infusionsoft.com
> <mailto:jason.leblanc at infusionsoft.com>> wrote:
>
> Thanks Mel.  You are not being difficult, I meant DoS.  The network I
> inherited doesn't have BGP yet so I have asked our upstream to blackhole it
> and I emailed abuse neither have happened yet.  I do block it but that's
> after it hits our side.
>
> //Jason
>
> From: Mel Beckman <mel at beckman.org<mailto:mel at beckman.org>>
> Date: Sunday, August 2, 2015 at 4:20 PM
> To: Jason LeBlanc <jason.leblanc at infusionsoft.com<mailto:
> jason.leblanc at infusionsoft.com>>
> Cc: NANOG <nanog at nanog.org<mailto:nanog at nanog.org>>
> Subject: Re: GoDaddy : DDoS :: Contact
>
> Not to be difficult, but how can it be a DDoS attack if it's coming from a
> single IP? Normally you would just block this IP at your borders or ask
> your upstreams to do so before it consumes your bandwidth. You still want
> to get GoDaddy to address the problem, of course, but you should do that
> via their abuse at godaddy.com<mailto:abuse at godaddy.com> contact, or their
> abuse page at https://supportcenter.godaddy.com/AbuseReport/Index (submit
> via the "malware" button).
>
>  -mel
>
> On Aug 2, 2015, at 12:59 PM, Jason LeBlanc <jason.leblanc at infusionsoft.com
> <mailto:jason.leblanc at infusionsoft.com>> wrote:
>
> My company is being DDoS'd by a single IP from a GoDaddy customer.
>
> I havent had success with the abuse at godaddy.com<mailto:abuse at godaddy.com>
> email.  Was hoping someone
> that could help might be watching the list and could contact me off-list.
>
>
> //Jason
>
>
>



More information about the NANOG mailing list