nanog mailing list archives
Re: handling ddos attacks
From: Hank Nussbacher <hank () mail iucc ac il>
Date: Fri, 21 May 2004 07:39:20 +0200
At 12:00 PM 20-05-04 -0700, Wayne E. Bouchard wrote:
I too would be interested if someone could point a good white paper for cisco DDOS protection mechanisms and best practices in general.
For Cisco specific ideas try: http://www.ripe.net/ripe/meetings/archive/ripe-41/tutorials/eof-ddos.pdf specifically slides 86-92 and 105-127. -Hank
On Thu, May 20, 2004 at 11:52:01AM -0700, Mark Kent wrote: > > I've been trying to find out what the current BCP is for handling ddos > attacks. Mostly what I find is material about how to be a good > net.citizen (we already are), how to tune a kernel to better withstand > a syn flood, router stuff you can do to protect hosts behind it, how > to track the attack back to the source, how to determine the nature of > the traffic, etc. > > But I don't care about most of that. I care that a gazillion > pps are crushing our border routers (7206/npe-g1). > > Other than getting bigger routers, is it still the case that the best > we can do is identify the target IP (with netflow, for example) and > have upstreams blackhole it? > > Thanks, > -mark --- Wayne Bouchard web () typo org Network Dude http://www.typo.org/~web/
Current thread:
- handling ddos attacks Mark Kent (May 20)
- Re: handling ddos attacks Wayne E. Bouchard (May 20)
- Re: handling ddos attacks Hank Nussbacher (May 20)
- Re: handling ddos attacks Jared Mauch (May 20)
- Re: handling ddos attacks Vincent Gillet - Opentransit (May 20)
- Re: handling ddos attacks Matt Buford (May 20)
- Re: handling ddos attacks Rachael Treu-Gomes (May 20)
- Re: [NANOG-LIST] handling ddos attacks Brent Van Dussen (May 20)
- Re: handling ddos attacks Steve Gibbard (May 20)
- Re: handling ddos attacks Danny McPherson (May 20)
- Re: handling ddos attacks Paul Vixie (May 20)
- Re: handling ddos attacks P.Schroebel (May 20)
- Re: handling ddos attacks Tim Wilde (May 20)
- Re: handling ddos attacks P.Schroebel (May 20)
(Thread continues...)
- Re: handling ddos attacks Wayne E. Bouchard (May 20)