DOS attack tracing

Richard A Steenbergen ras at e-gerbil.net
Tue May 10 00:03:57 UTC 2005


On Mon, May 09, 2005 at 01:35:06PM -1000, Richard wrote:
> 
> Hi,
> 
> We recently experienced several DOS attacks which drove our backbone routers
> CPU to 100%. The routers are not under attack, but the router just couldn't
> handle the traffic. There is a plan to upgrade these routers. One criteria
> is the ability to track which IP address is under attack and blackhole the
> traffic quickly. Anyone can share your experience of what kind of router is
> capable of doing this?
> 
> Also besides having a powerful router which can handle large volume of
> traffic, is there any other things that we need to consider in selecting the
> routers?

I recently wrecked my car, totaling it and running down several small 
children on their way to sunday school in the process. I plan to upgrade 
my car, and one of the criteria is that it not crash and kill people. Can 
you share advice on what car is capable of doing this?

This example is about as descriptive and useful at solving the problem as 
your original post. Without any details it is impossible to make any 
useful recommendation even if we wanted to. What type and scale of DoS are 
you trying to protect against, what type and scale of traffic are you 
routing, what kind of interfaces and how many, basic things like that. 
Without details, the best that you're likely to get (now that Dean is gone 
:P) is something akin to "go buy a volvo", namely "go buy a Juniper".

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)



More information about the NANOG mailing list