nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Mitigating HTTP DDoS attacks?

From: "Rodrick Brown" <rodrick.brown () gmail com>
Date: Mon, 24 Mar 2008 23:13:25 -0400

On Mon, Mar 24, 2008 at 6:02 PM, Mike Lyon <mike.lyon () gmail com> wrote:


 Howdy all,

 So, i'm kind of new to this so please deal with my ignorance. But,
 what is common practice these days for HTTP DDoS mitigation during an
 attack? You can of course route every offending ip address to null0 at
 your border. But, if it's a botnet or trojan or something, It's coming
 from numerous different source IPs and Null0 routes can get very
 cumbersome. obviously. How do you folk usually deal with this?

 Any input would be greatly appreciated.

 Cheers,
 Mike



They're a few companies that specialize in "DDOS protection type
services" one company that comes to mind is Prolexic and their  IPN
infrastructure protection service. Prolexic will basically absorbs all
attacks filter out the bad data and then deliver clean traffic back to
your network. Its completly transparent to you're clients. Its not
cheap but i've worked with a few internet based trading companies who
used this service to litigate DDOS attacks on their network
infrastructure.

-- 
[ Rodrick R. Brown ]
http://www.rodrickbrown.com
http://www.linkedin.com/in/rodrickbrown
Previous By Date Next
Previous By Thread Next

Current thread: