Effective ways to deal with DDoS attacks?

• Previous message (by thread): Effective ways to deal with DDoS attacks?
• Next message (by thread): Forget Bernie...
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 1 May 2002, Basil Kruglov wrote:

>
> On Thu, May 02, 2002 at 04:45:43AM +0000, Christopher L. Morrow wrote:
> > On Wed, 1 May 2002, Wojtek Zlobicki wrote:
> > >
> > > Where are providers drawing the line ?  Anyone have somewhat detailed
> > > published policies as to what a provider can do in order to protect their
> > > nework as a whole.
> > > At what point (strength of the attack) does a customers netblock (assuming a
> > > /24 for
> > > example) get null routed by whichever party.
> >
> > Most providers likely have a policy similar to: "I can't sacrafice 1
> > my network for 1 customer". So, if the attack is sufficient to degrade
> > service on the ISP network most likely the customer under attack will get
> > null routed.
>
> Are you saying UUnet, assuming for a sec that I am a customer of UUnet (just
> for the sake of the argument), UU will not null route my ircd if it
> it gets attacked on regular basis, say *daily* ?

I did not say that.

>
> Furthermore you are going to consistently place filters on your routers,
> take them out within the 24h (or whatever then-current policy of UUnet is)
> and track attacks back to their sources within the boundaries of your
> backbone on a daily basis? ;)
>

uhm... sure, we do this now... or have you not been paying attention?

> Will you do that for say a regular T1 customer or do I need more "commitment"
> as sales droids like to put it, to even consider such a service ? ;)
>

read above.

> > Hmm, perhaps FIRST customers should insist that their ISP have some 24/7
> > security contact that can actually help in the case of an attack. Today
> > there are very few that have this capability. I'd say from personal
> > experience that the number is way too small, even in the 'large' ISP arena
> > :(
> >
> > More pressure from customers for real security would be a good start.
>
> sigh, tried and failed, miserably I might add.
>

Then become a UUNET customer cause we already do this... Perhaps other
providers with 24/7 security teams will pipe up to give potential
customers a heads-up on options other than UUNET? If you go with UUNET
please tell the sales driod I sent you cause then I get 50 bucks :) (my
only raise thanks to bernie)

• Previous message (by thread): Effective ways to deal with DDoS attacks?
• Next message (by thread): Forget Bernie...
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]