Solutions for DoS & DDoS

Joseph Chin l-nanog at iodi.se
Thu Dec 6 21:08:53 UTC 2012


Is the cause of this non-profit a controversial one with a good likelihood
of attracting the attention of demographics with the ability to mount DDoS
attacks? If your upstream can do it for a good price (on account of being a
non-profit organization) and they have lots of bandwidth along with a decent
stack of mitigation gear, and some clue on how to operate them, then that
should be the first choice. But DDoS mitigation is not their core business,
so be prepared for them to blackhole your IP if things get difficult. Make
sure your SLA is as bulletproof as possible or at least understand how bad
things can get before they bail out on you.

If the asset you want to protect is on standard web ports (ie 80 and 443)
and is a likely DDoS target (per my first question), then one of the
affordable DDoS-Mitigation-as-a-Service (DMaaS) providers would be a better
fit for the task. Your upstream will appreciate not becoming collateral
victim of the attack traffic. My good friend (who was also a co-founder of
Peer1) founded dosarrest.com. They seem to be quite successful and have
protected some high profile customers, so feel free to give them a call.

If the non-profit is in the high risk of attack profile (ie any cause that
is likely to offend techno-savvy bullies or religious fanatics), then you
should talk to Prolexic/Verisign/Neustar/NexusGuard. If you are in the high
risk category and you cause is that of free-speech, maybe the good folks at
virtualroad.org (with help from Prolexic) can help.

Regards,
Joe

-----Original Message-----
From: Mike Gatti [mailto:ekim.ittag at gmail.com] 
Sent: Thursday, December 06, 2012 5:51 PM
To: NANOG list
Subject: Solutions for DoS & DDoS

Hello Everyone, 

I'm assisting a non-profit organization to research solutions to secure
their network from DOS/DDOS attacks. So far we have gone the route of
discussing with their ISP's to see what solutions they have to offer,
believing that the carriers are better positioned to block the attack from
the source. 

I wanted to get the lists thoughts on our approach going the carrier route
and/or hear about successful implementation of other solutions. 

Thanks,
--
Michael Gatti  
949.371.5474
(UTC -8)








More information about the NANOG mailing list