Re: Best way to get foreign ISPs to shut down DDoS reflectors?

Thu Apr 23 21:38:35 UTC 2020

This brings up an interesting question -- what is "good DDoS protection" on an ISP scale?  Apart from having enough bandwidth to weather the attack and having upstream providers attempt to filter it for you/

-----Original Message-----
From: "Bottiger" <bottiger10 at gmail.com>
Sent: Thursday, April 23, 2020 5:30pm
To: "Siyuan Miao" <aveline at misaka.io>
Cc: "North American Network Operators' Group" <nanog at nanog.org>
Subject: Re: Best way to get foreign ISPs to shut down DDoS reflectors?

We are unable to upgrade our bandwidth in those areas. There are no providers within our budget there at the moment. Surely there must be some way to get them to respond.

On Thu, Apr 23, 2020 at 2:23 PM Siyuan Miao <[ aveline at misaka.io ]( mailto:aveline at misaka.io )> wrote:
It won't work.
Get a good DDoS protection and forget about it.

On Fri, Apr 24, 2020 at 5:17 AM Bottiger <[ bottiger10 at gmail.com ]( mailto:bottiger10 at gmail.com )> wrote:
Is there a guide on how to get foreign ISPs to shut down reflectors used in DDoS attacks?
I've tried sending emails listed under abuse contacts for their regional registries. Either there is none listed, the email is full, email does not exist, or they do not reply. Same results when sending to whatever other email they have listed.
Example Networks:
CLARO S.A.
Telefonica
China Telecom
Korea Telecom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20200423/65a43179/attachment.html>