Global Blackhole Service
Barry Raveendran Greene
bgreene at senki.org
Fri Feb 13 17:53:17 UTC 2009
Before everyone goes off and re-invents the wheel, please heed the advice
already provide by Randy, Steve, and Valdis. Community instigated RTBH is
used by a variety of Operational Security Communities. _Experience_ has
demonstrated caution. _Experience_ has pointed to the ways you use these
tools. _Experience_ has also demonstrated that you DO NOT let the bad guys
know about the details of what you do to fight them.
The people who DOS your network are most like know - if not already on
All of you what are getting fired up about a "Global Blackhole Service"
1. Make sure you and your upstream have an agreement on how to work DDOS
2. Make sure you and your peer have an agreement on how to work DDOS
3. Establish a procedure for resolving DDOS incidents.
4. Get vetted and join Operational Security Communities.
Details for all of this are on the NANOG archives:
Keyword search "Security"
Get this done first, then consult with your peers in those Operational
Security communities. Not on a forum which every bad guy in the world who
has a clue about Networking is keeping their eye on.
More information about the NANOG