Mitigating HTTP DDoS attacks?
Roger Marquis
marquis at roble.com
Tue Mar 25 01:58:03 UTC 2008
Mike Lyon wrote:
> So, i'm kind of new to this so please deal with my ignorance. But,
> what is common practice these days for HTTP DDoS mitigation during an
> attack? You can of course route every offending ip address to null0 at
> your border. But, if it's a botnet or trojan or something, It's coming
> from numerous different source IPs and Null0 routes can get very
> cumbersome. obviously. How do you folk usually deal with this?
Depends a lot on the size of the network. If it's more than a few colos I
highly recommend Arbor Peakflow (http://www.arbornetworks.com/). Not cheap
but it works and scales well.
--
Roger Marquis
Roble Systems Consulting
http://www.roble.com/
More information about the NANOG
mailing list