nanog mailing list archives
Re: ISP's who filter ICMP during DoS?
From: Rafi Sadowsky <rafi-nanog () meron openu ac il>
Date: Fri, 29 Jun 2001 14:31:13 +0300 (IDT)
On Thu, 28 Jun 2001, ASV wrote:
Does anyone have a list of which ISPs are willing to filter ICMP packets for you when your network is being (D)DoS'd, and which prefer to simply blackhole / disconnect you, and which will do absolutely nothing??
IMHO the best protection you can get from ICMP flooding is a permanent rate-limit on your upstream router to something between 1-5 % of the line capacity - You won't feel it unless you have a DoS attack and then it kicks automagically NOTE: depending on your "normal" traffic you want to rate limit UDP to something between say 20-50 % of line capacity - Rafi
I'm finding it hard to gather this information and it occured to me that this is an obvious factor when choosing an ISP! Thanks,
Current thread:
- ISP's who filter ICMP during DoS? ASV (Jun 28)
- RE: ISP's who filter ICMP during DoS? David Schwartz (Jun 28)
- Re: ISP's who filter ICMP during DoS? Pim van Riezen (Jun 28)
- Re: ISP's who filter ICMP during DoS? Rafi Sadowsky (Jun 29)
- <Possible follow-ups>
- RE: ISP's who filter ICMP during DoS? Los, Ralph (Jun 29)
- RE: ISP's who filter ICMP during DoS? Christopher L. Morrow (Jun 29)