DDOS, IDS, RTBH, and Rate limiting

Matt Palmer mpalmer at hezmatt.org
Sun Nov 9 05:13:21 UTC 2014


On Sat, Nov 08, 2014 at 10:37:45PM -0500, Jon Lewis wrote:
> On Sun, 9 Nov 2014, Roland Dobbins wrote:
> >But this kind of thing punishes the victim.  It's far better to do
> >everything possible to *protect* the target(s) of an attack, and
> >only use D/RTBH as a last resort.
> 
> I'm sure it's not always the case, but in my experience as a SP, the
> victim virtually always did something to instigate the attack

Like have the temerity to have a successful online store.  Or be featured in
the mainstream media for providing information during a natural disaster. 
The bastards.  I've dealt with far more DDoS attacks that were for the
purposes of extortion or lulz than were due to the recipient "instigating
the attack".  Perhaps that's a function of not attempting to cater to the
lowest common denominator.

- Matt



More information about the NANOG mailing list