DDoS using port 0 and 53 (DNS)
Dobbins, Roland
rdobbins at arbor.net
Thu Jul 26 04:03:01 UTC 2012
On Jul 26, 2012, at 5:13 AM, Drew Weaver wrote:
> Another nice "emerging" tool [I say emerging because it's been around forever but nobody implements it] to deal with this is Flowspec, using flowspec you can instruct your Upstream to block traffic with much more granular characteristics.
flowspec is essentially S/RTBH with layer-4 granularity (it can do some other things, as well). I certainly hope that vendors who've not yet implemented it will do so, it's a great tool, as you say.
Even customer-triggered S/RTBH is very useful, and some ISPs have implemented it for their customers.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
More information about the NANOG
mailing list