Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: DDoS attacks

  • From: Hank Nussbacher
  • Date: Thu Jul 12 01:49:52 2001

At 22:36 11/07/01 -0700, Jon O . wrote:
Ariel:


If you don't have these links already, they contain many resources for DDoS attack prevention and protection:
http://staff.washington.edu/dittrich/misc/ddos/
http://www.cisco.com/warp/public/707/22.html
http://www.denialinfo.com/

The only few things you can do on your end are:
TCP Intercept
Rate-limiting
Conacting your upstream ISP
Contacting ISP managing the sources of the attack

Other people might have more/other suggestions.

You initial email asked for AboveNet contact. Did you get some assistance and if so what was the resolution? This is very important for us to know so we can kind of keep track of cooperative ISPs and the ones that just ignore these problems.
And then what? Suppose you had a list of non-cooperative ISPs? What then? Experience has shown that the ISPs that don't care, won't care no matter what you say or do (those who follow FIRST know I have a lot to say on this matter, but have been holding back to give those non-cooperative ISPs time to make matters right - we are now on day 5 of a continuous non-spoofed 20Mb/sec dDoS attack :-)). Convince me why a list of non-cooperative ISPs is a thing that would help.

-Hank



Thanks,
Jon




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.