nanog mailing list archives
Re: UDP port 80 DDoS attack
From: Keegan Holley <keegan.holley () sungard com>
Date: Wed, 8 Feb 2012 04:12:21 -0500
It works in theory, but to get every ISP and hosting provider to ACL their edges and maintain those ACL's for every customer no matter how large might be a bit difficult. Also, what about non-BGP customers or customers that just accept a default route? Or even customers that just want return traffic to come in a different link for some reason. ISP's would suddenly become giant traffic registries. 2012/2/8 George Bonser <gbonser () seven com>
From: Keegan HolleyHow do you stop it?A provider knows what destination IP traffic they route TO a customer, don't they? That should be the only source IPs they accept FROM a customer. If you don't route it TO the customer, you shouldn't accept it FROM the customer unless you have made special arrangements with them and verified they are entitled to source the traffic from the desired IPs.
Current thread:
- Re: UDP port 80 DDoS attack, (continued)
- Re: UDP port 80 DDoS attack Dobbins, Roland (Feb 05)
- Re: UDP port 80 DDoS attack Dobbins, Roland (Feb 05)
- Re: UDP port 80 DDoS attack Keegan Holley (Feb 05)
- Re: UDP port 80 DDoS attack Dobbins, Roland (Feb 05)
- Re: UDP port 80 DDoS attack Keegan Holley (Feb 05)
- Re: UDP port 80 DDoS attack Dobbins, Roland (Feb 05)
- Re: UDP port 80 DDoS attack bas (Feb 07)
- RE: UDP port 80 DDoS attack George Bonser (Feb 08)
- Re: UDP port 80 DDoS attack Keegan Holley (Feb 08)
- RE: UDP port 80 DDoS attack George Bonser (Feb 08)
- Re: UDP port 80 DDoS attack Keegan Holley (Feb 08)
- RE: UDP port 80 DDoS attack George Bonser (Feb 08)
- RE: UDP port 80 DDoS attack George Bonser (Feb 08)
- Re: UDP port 80 DDoS attack bas (Feb 08)
- RE: UDP port 80 DDoS attack George Bonser (Feb 08)
- Re: UDP port 80 DDoS attack Keegan Holley (Feb 08)
- RE: UDP port 80 DDoS attack Drew Weaver (Feb 08)
- RE: UDP port 80 DDoS attack Sven Olaf Kamphuis (Feb 09)
- Re: UDP port 80 DDoS attack Steve Bertrand (Feb 09)
- Re: UDP port 80 DDoS attack Keegan Holley (Feb 09)
- Re: UDP port 80 DDoS attack Keegan Holley (Feb 08)