DDOS, IDS, RTBH, and Rate limiting

Roland Dobbins rdobbins at arbor.net
Sun Nov 9 02:25:50 UTC 2014


On 9 Nov 2014, at 8:10, Eric C. Miller wrote:

> Does anyone have any suggestions for mitigating these type of attacks?

You can start with S/RTBH (or flowspec, if your platform supports it):

<http://tools.ietf.org/html/rfc5635>

<http://tools.ietf.org/html/rfc5575>

<https://app.box.com/s/xznjloitly2apixr5xge>

Here's a preso which discusses reflection/amplification attacks, 
including chargen reflection/amplification attacks such as the one you 
describe:

<https://app.box.com/s/r7an1moswtc7ce58f8gg>

-----------------------------------
Roland Dobbins <rdobbins at arbor.net>


More information about the NANOG mailing list