Re: about udp 80,8080,0

About Merit

Services

Network

Resources & Support

Network Research

News

Events

Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Re: about udp 80,8080,0

From: Dobbins, Roland
Date: Tue Feb 09 07:16:32 2010

Accept-language: en-US
Acceptlanguage: en-US
List-archive: <http://mailman.nanog.org/mailman/nanog>
List-help: <mailto:nanog-request@nanog.org?subject=help>
List-id: North American Network Operators Group <nanog.nanog.org>
List-post: <mailto:nanog@nanog.org>
List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>,<mailto:nanog-request@nanog.org?subject=subscribe>
List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>,<mailto:nanog-request@nanog.org?subject=unsubscribe>

On Feb 9, 2010, at 6:57 PM, 최종훈 wrote:

>   Is there anyone who have experiences controlling udp port 8,8080,0 ? rate-limiting or block!

Not a good idea to use rate-limiting to deal with DDoS attacks - the programmatically-generated bad traffic ends up crowding out legitimate traffic.

All kinds of online games (many very popular in the RoK) make use of various UDP high ports; one never knows what applications users are running, so simply blocking ports isn't generally a good idea.

S/RTBH and/or an IDMS are a couple of different ways to mitigate DDoS attacks.

See this presentation for some BCPs:

<http://files.me.com/roland.dobbins/k54qkv>

-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>

    Injustice is relatively easy to bear; what stings is justice.

                        -- H.L. Mencken

References:
- =?EUC-KR?B?YWJvdXQgdWRwIDgwLDgwODAsMA==?= =?EUC-KR?B?w9bBvsjG?=

Prev by Date: =?EUC-KR?B?YWJvdXQgdWRwIDgwLDgwODAsMA==?=
Next by Date: Yahoo abuse
Date Index
Thread Index
Author Index
Historical