Request for contact and procedure information

Jeffrey Lyon jeffrey.lyon at blacklotus.net
Fri Jul 10 22:06:11 CDT 2009


I don't know of any internet access services that provide a SLA against DDoS.

Jeff

On Fri, Jul 10, 2009 at 10:57 PM, Christopher
Morrow<morrowc.lists at gmail.com> wrote:
> On Fri, Jul 10, 2009 at 6:38 PM, Jeffrey
> Lyon<jeffrey.lyon at blacklotus.net> wrote:
>> Fact: Filtering TCP/80 attacks is a 3 to 4 figure job, sometimes even 5 figure.
>
> I was actually being serious, it's not, it doesn't have to, and in the
> case that started this discussion it probably would have been
> sufficient to just drop tcp/80 to his link since I would be it's
> 'business dsl' so he gets an 'SLA' not so he can run a business
> critical web service there.
>
> There are services you can buy that are a lot more expensive, but why
> would you? if there are options that are more relevant and cheaper...
> and in line with what you want. You can certainly pay more if you want
> to, I'm not sure that's the smart choice though.
>
> -Chris
>
>> On Fri, Jul 10, 2009 at 6:16 PM, Christopher
>> Morrow<morrowc.lists at gmail.com> wrote:
>>> On Fri, Jul 10, 2009 at 5:49 PM, Luan Nguyen<luan at netcraftsmen.net> wrote:
>>>> Filter like in using the Cisco Guard of sort, to send the good traffic back
>>>> to the customers? And that service is <cough>free through vzb?</cough>
>>>
>>> as in: "find some way to keep the customer alive and kicking"
>>>
>>> which might be:
>>> 1) null route bad destination if no one cares about it
>>> 2) acl the traffic upstream if it's not to something you care about
>>> (but need the ip to work)
>>> 3) guard/mitigate traffic and redeliver (which has some limitations or did)
>>>
>>> all of that is free to 701 customers, yes. if you have to get to step3
>>> more than a few times I'm sure sales will want you to pay, since that
>>> part isn't 'free' to the company.
>>>
>>> point being, dropping tcp/80 syn traffic isn't hard, and it's
>>> routinely done at customer request. (or was when I was doing it there)
>>>
>>> -chris
>>>
>>> ----------------------------------
>>>>
>>>>
>>>> -----Original Message-----
>>>> From: Christopher Morrow [mailto:morrowc.lists at gmail.com]
>>>> Sent: Friday, July 10, 2009 5:40 PM
>>>> To: Jeffrey Lyon
>>>> Cc: nanog at nanog.org; Charles Wyble
>>>> Subject: Re: Request for contact and procedure information
>>>>
>>>> On Fri, Jul 10, 2009 at 5:12 PM, Jeffrey
>>>> Lyon<jeffrey.lyon at blacklotus.net> wrote:
>>>>> Would what? Null route the IP? I'm talking about actually filtering the
>>>>> attack.
>>>>
>>>> as was I. (talking about filtering the attack)
>>>>
>>>>> On Jul 10, 2009 5:10 PM, "Christopher Morrow" <morrowc.lists at gmail.com>
>>>>> wrote:
>>>>>
>>>>> On Fri, Jul 10, 2009 at 2:11 AM, Jeffrey Lyon<jeffrey.lyon at blacklotus.net>
>>>>> wrote: > All, > > There a...
>>>>>
>>>>> <cough>uunet/vzb would/will</cough>
>>>>>
>>>>> (for free most times even)
>>>>>
>>>>
>>>>
>>>
>>
>>
>>
>> --
>> Jeffrey Lyon, Leadership Team
>> jeffrey.lyon at blacklotus.net | http://www.blacklotus.net
>> Black Lotus Communications of The IRC Company, Inc.
>>
>> Look for us at HostingCon 2009 in Washington, DC on August 10th - 12th
>> at Booth #401.
>>
>



-- 
Jeffrey Lyon, Leadership Team
jeffrey.lyon at blacklotus.net | http://www.blacklotus.net
Black Lotus Communications of The IRC Company, Inc.

Look for us at HostingCon 2009 in Washington, DC on August 10th - 12th
at Booth #401.




More information about the NANOG mailing list