Mitigating HTTP DDoS attacks?
Roland Dobbins
rdobbins at cisco.com
Mon Mar 24 22:18:20 UTC 2008
On Mar 25, 2008, at 5:02 AM, Mike Lyon wrote:
> Any input would be greatly appreciated.
There are devices available today from different vendors (including
Cisco, full disclosure) which are intelligent DDoS-'scrubbers' and
which can deal with more sophisticated types of attacks at layer-7,
including HTTP and DNS. S/RTBH is also an option, keeping in mind
some of the caveats you mentioned (staying mindful of attacking hosts
behind proxies, botted hosts of legit customers, et. al.).
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at cisco.com> // +66.83.266.6344 mobile
It doesn't pay to dispute what you know to be true.
-- Fred Reed
More information about the NANOG
mailing list