nanog mailing list archives
Experiences with DDoS platforms...
From: "Fergie" <fergdawg () netzero net>
Date: Tue, 29 Aug 2006 02:01:49 GMT
So, it would appear to me that simply analyzing netflow data, etc., at the time of a (D)DoS attack, and then black-holing (by hand) the offending source addresses may not be the most scalable and efficient way of dealing/coping/mitigating/staying-on-the-air during an attack. Of course, depending where you are on the food chain, the resources one is trying to protect, the volume of DDoS traffic, etc, plays into the equation, etc. I was looking to see what opinions folks on the list may have on the DDoS "appliance" vendor products available -- I'm particularly looking for a stand-alone (or in conjunction with a 'traffic analysis' box) to off-load DoS "mitigation" -- real-world experiences welcome. Please direct responses to me off-list, or not... Thanks, - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
Current thread:
- Experiences with DDoS platforms... Fergie (Aug 28)
- Re: Experiences with DDoS platforms... Rick Wesson (Aug 29)
- Re: Experiences with DDoS platforms... Peter Corlett (Aug 29)