Full Disclosure mailing list archives
Re: Ubisoft DDoS
From: James Matthews <nytrokiss () gmail com>
Date: Tue, 9 Mar 2010 12:11:57 -0800
I don't see why they didn't just block the attack. It must be more then this. On Tue, Mar 9, 2010 at 8:21 AM, Dobbins, Roland <rdobbins () arbor net> wrote:
On Mar 9, 2010, at 11:01 PM, <Valdis.Kletnieks () vt edu> wrote:Oh, I didn't say they didn't exist.A good way to get started w/scalable DDoS mitigation is to implement S/RTBH on one's hardware-based edge routers, and then make use of open-source NetFlow tools for visibility. There are commercial solutions as well - in the interests of full disclosure (pardon the pun, heh), I work for a vendor of such intelligent DDoS mitigation (IDMS) solutions. These slides may be of interest in hardening/leveraging one's network infrastructure and gaining the ability to detect/classify/traceback/mitigate DDoS: <http://files.me.com/roland.dobbins/k54qkv> <http://files.me.com/roland.dobbins/prguob> <http://files.me.com/roland.dobbins/k4zw3x> <http://files.me.com/roland.dobbins/dweagy> There was also a relevant talk at the latest NANOG (a synopsis of discussions on nanog-l and cisco-nsp): < http://www.nanog.org/meetings/nanog48/presentations/Monday/Kaeo_FilterTrend_ISPSec_N48.pdfand other relevant presentations at various NANOGs in the past. To answer the previous respondent's question, Cisco acquired Riverhead and its Guard in early 2004: < http://www.cisco.com/en/US/prod/collateral/modules/ps2706/end_of_life_c51-573493.htmlI also highly recommend this book by Dave Smith and Gregg Schudel of Cisco - it's the best (and only!) book on real-world opsec out there, available in dead-tree, Kindle, and Adobe Reader formats: < http://www.amazon.com/Router-Security-Strategies-Securing-Network/dp/1587053365/ref=sr_1_1?ie=UTF8&s=books&qid=1262667257&sr=8-1[Full disclosure again; I'm cited in the book, but received and continue to receive no renumeration of any kind due to same.] But before going the commercial route, folks should work on hardening their hosts/OSes/apps and leveraging their existing infrastructure and open-source as noted in the presentations above - in many cases, this is all that's needed, as outlined here: <http://mailman.nanog.org/pipermail/nanog/2010-January/016747.html> ----------------------------------------------------------------------- Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com> Injustice is relatively easy to bear; what stings is justice. -- H.L. Mencken _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- http://www.miami-criminallaw.com/practice-areas/cyber-crimes --
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Ubisoft DDoS Jan Schejbal (Mar 09)
- Re: Ubisoft DDoS Adrenalin (Mar 09)
- Re: Ubisoft DDoS Valdis . Kletnieks (Mar 09)
- Re: Ubisoft DDoS Michal (Mar 09)
- Re: Ubisoft DDoS Valdis . Kletnieks (Mar 09)
- Re: Ubisoft DDoS Dobbins, Roland (Mar 09)
- Re: Ubisoft DDoS James Matthews (Mar 09)
- Re: Ubisoft DDoS Jan Schejbal (Mar 09)
- Re: Ubisoft DDoS Rohit Patnaik (Mar 09)
- Re: Ubisoft DDoS Valdis . Kletnieks (Mar 09)
- Re: Ubisoft DDoS Adrenalin (Mar 09)
- Re: Ubisoft DDoS Michal (Mar 10)
- Re: Ubisoft DDoS Christian Sciberras (Mar 09)