UDP port 80 DDoS attack
Keegan Holley
keegan.holley at sungard.com
Wed Feb 8 15:53:16 UTC 2012
2012/2/8 Dobbins, Roland <rdobbins at arbor.net>
> On Feb 8, 2012, at 8:07 PM, bas wrote:
>
> > As far as I see it S/RTBH is in no way a solution against smart
> attackers, of course it does help against all the kiddie attacks out
> > there.
>
> Once again, I've used S/RTBH myself and helped others use it many, many
> times, including to defend against attacks with shifting purported source
> IPs. flowspec, IDMS and other tools are very useful as well, but S/RTBH is
> supported on a lot of hardware, if operators choose to configure it.
>
> It is not a panacea. It is one tool in the toolbox.
>
> Folks can either choose to make use of it or choose not to do so; it is
> operationally proven, it does work, and it's certainly better than nothing.
> YMMV.
>
>
I agree. I think RTBH is a broadsword not a scalpel. It's a tool in the
tool box and there is a danger of dropping legitimate traffic with both
S/RTBH and D/RTBH. BGP isn't a security protocol. It's not even that
great of a routing protocol.
More information about the NANOG
mailing list