Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: 80/udp floods?

  • From: Suresh Ramasubramanian
  • Date: Wed Feb 18 21:06:40 2004 
Wayne E. Bouchard  [2/19/2004 6:16 AM] :


Easy enough to fend off except for the TCP 80 bit. For most of these
attacks, I've taken to just filtering the entire LACNIC and APNIC
address delegations at the host level for the durration of the
incident since, in the general case, my customers (the ones that
suffer these incidents) do little if any business in that region.
May I suggest extending your ACLs to filter 0/0?

I have seen quite a lot of this from ARIN (mostly cablemodem land, 24/8) as well as RIPE space (again cablemodem land -> trojaned zombies?)

srs

--
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations



Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.