Solutions for DoS & DDoS

Yuri Slobodyanyuk yuri at yurisk.info
Fri Dec 7 09:30:52 UTC 2012


I can think of few options here (basically restating what has been said
already) :
- Black hole routing on ISP side - just makes the client unreachable
outside ISP , available everywhere,
 free. Not really a protection as aids the attacker in achieving his goal -
shutting down the client
- Managed DDOS As a Service on ISP side - ISP has a dedicated solution to
stop attacks on ISP premises (by dedicated I mean some hardware installed)
. Vendors vary (Arbor/Radware/etc..) and actually are not of much
importance to the end client - only SLA should be in place. Costs money,
advisable when undergoing non-stop/frequent attacks of moderate severity.
If an attack reaches gigabits bandwidth consumption the ISP may revert back
to Black Hole to protect its backbone and other clients.
- If speaking of web/email services - hosted solution is viable to some
degree (e..g Amazon AWS Cloudfront, Google Apps, CDNs etc) . IT is not a
DEDICATED hosted solution against DDOS, so be prepared for the provider to
shut down the client if the attack gets heavy enough
- Hosted web/email solutions WITH dedicated DDOS protection included,
including insurance that client will not be shut down on heavy load attack
(Prolexic etc) . Costs money (not cheap at all)  and if your site is not to
be attacked like krebsonsecurity.com or fbi.gov probably an overkill.

 HTH

> --
>
Taking challenges one by one.
http://yurisk.info


More information about the NANOG mailing list