DoS Attacks

Haesu haesu at towardex.com
Wed Oct 8 04:32:38 UTC 2003


First of all, have your tools ready so that whenever DoS pounds on you, you can
immediately activate them and they will give you an overview of the DoS attack
such as size of the attack, source/dest (random or one/two or spoofed?), et al.

Then you need to contact your upstream first to hve them deal with it, and yes
I understand, most SDSL providers do not like to cooperate.

Considering it takes me 1 hour of buerocracy to get an ACL put up during a DoS 
to my current providers, getting an ACL activated by SDSL team is.....psh....
utterly hopeless unless you have people connections :( 

If you can't afford T1/T3 type of circuits where you can at least call up your
upstream (doesnt matter how long it takes them to put up the ACL, the point is,
will they?), then I hate to say... I don't think there is much you can do :-(

-hc

-- 
Haesu C.
TowardEX Technologies, Inc.
Consulting, colocation, web hosting, network design and implementation
http://www.towardex.com | haesu at towardex.com
Cell: (978)394-2867     | Office: (978)263-3399 Ext. 170
Fax: (978)263-0033      | POC: HAESU-ARIN


On Wed, Oct 08, 2003 at 12:03:19AM -0400, Brian Bruns wrote:
> 
> ----- Original Message ----- 
> From: "Mark Radabaugh" <mark at amplex.net>
> To: <nanog at merit.edu>
> Sent: Tuesday, October 07, 2003 11:56 PM
> Subject: Re: DoS Attacks
> 
> 
> >
> > I think I would follow two avenues next time - the direct approach with
> FSU
> > (or wherever the traffic is coming from) as well as with your DSL
> provider.
> > Your upstream should be able to assist in at least keeping the traffic off
> > of your dedicated line.
> >
> > Whether your DSL provider has the resources to sink the traffic may be
> > another matter  -- but they are at least in a position to help you and
> > (since you are paying them) have an interest in dealing with you.
> 
> I hate to say this, but Ameritech/SBC is utterly useless in matters like
> this.  I mean, at one point their redback was being nailed, and they didn't
> seem to care one bit.  After 5pm, everyone with a clue seems to leave, and
> we are left with useless low level help desk techs.
> 
> Our DSL service isn't bad - in fact it rarely goes down.  The problem is
> that when we need their help with something out of our league, they are
> completely useless.  Anyone know of a contact number for SBC/Ameritech that
> would be useful in a case like this?
> 
> 
> --------------------------
> Brian Bruns
> The Summit Open Source Development Group
> Open Solutions For A Closed World / Anti-Spam Resources
> http://www.2mbit.com
> ICQ: 8077511
> 




More information about the NANOG mailing list