nanog mailing list archives
Re: Request for contact and procedure information
From: Seth Mattinen <sethm () rollernet us>
Date: Thu, 09 Jul 2009 23:27:55 -0700
Jeffrey Lyon wrote:
All, There are few if any ISP that will help you with something like this. Law enforcement also does not have the resources to even begin to look at a single DSL line being attacked unless you can show 7+ figures in damage or some type of major threat to national infrastructure. Your options are basically as follows: 1) Use csf . If properly tuned this should be sufficient to filter minor attacks. 2) Invest in a decent firewall like a Juniper Netscreen and set session limits. This won't stop an attack but it will limit the amount of traffic you have to filter locally. 3) Ask SBC to null route the IP completely 4) Invest in an actual protection service.
Last time I had to deal with a DDoS coming over a Sprint circuit (multilink T1) they transferred me to someone in security and they started null routing things. Initially they were treating it as trouble because the BGP session kept resetting, but once we all figured out it was a DDoS the resolution was quick and painless. Maybe my experience is abnormal? I don't know. ~Seth
Current thread:
- Re: Request for contact and procedure information, (continued)
- Re: Request for contact and procedure information Dan White (Jul 10)
- Re: Request for contact and procedure information Charles Wyble (Jul 10)
- Re: Request for contact and procedure information Seth Mattinen (Jul 10)
- Re: Request for contact and procedure information Dan White (Jul 10)
- Re: Request for contact and procedure information Seth Mattinen (Jul 10)
- Re: Request for contact and procedure information Jon Kibler (Jul 09)
- Re: Request for contact and procedure information Jeffrey Lyon (Jul 09)
- Re: Request for contact and procedure information Seth Mattinen (Jul 09)
- Re: Request for contact and procedure information Christopher Morrow (Jul 10)
- Re: Request for contact and procedure information Jeffrey Lyon (Jul 10)
- Re: Request for contact and procedure information Christopher Morrow (Jul 10)
- RE: Request for contact and procedure information Luan Nguyen (Jul 10)
- Re: Request for contact and procedure information Christopher Morrow (Jul 10)
- Re: Request for contact and procedure information Jeffrey Lyon (Jul 10)
- Re: Request for contact and procedure information Christopher Morrow (Jul 10)
- Re: Request for contact and procedure information Jeffrey Lyon (Jul 10)
- Re: Request for contact and procedure information Christopher Morrow (Jul 10)