UDP port 80 DDoS attack

Keegan Holley keegan.holley at sungard.com
Mon Feb 6 01:50:23 UTC 2012

2012/2/5 Dobbins, Roland <rdobbins at arbor.net>

> On Feb 6, 2012, at 8:37 AM, Keegan Holley wrote:
> > Source RTBH often falls victim to rapidly changing or spoofed source
> IP"s.
> S/RTBH can be rapidly shifted in order to deal with changing purported
> source IPs, and it isn't limited to /32s.  It's widely supported on Cisco
> and Juniper gear (flowspec is a better choice on Juniper gear).
> I was referring to support from ISP's not from hardware vendors.

If folks don't want to read the presos or search through the archives,
> that's fine, of course.  The fact is that there are quite a few things that
> operators can and should do in order to mitigate DDoS attacks; and making
> the perfect the enemy of the merely good only helps the attackers, doesn't
> it?
> Yes but assuming everything discussed at a conference is instantly adopted
by the entire industry gives one false hope no?

More information about the NANOG mailing list