nanog mailing list archives

Re: ddos attacks

From: "Scott Weeks" <surfer () mauigateway com>
Date: Thu, 19 Dec 2013 14:02:54 -0800



--- cb.list6 () gmail com wrote:
On Dec 19, 2013 4:25 PM, "Dobbins, Roland" <rdobbins () arbor net> wrote:
On Dec 19, 2013, at 6:12 AM, cb.list6 <cb.list6 () gmail com> wrote:

I am strongly considering having my upstreams to simply 
rate limit ipv4 UDP.


QoS is a very poor mechanism for remediating DDoS attacks.  
It ensures that programmatically-generated attack traffic 
will 'squeeze out' legitimate traffic.


I agree. But ... i am pretty sure i am going to do it. Trade offs.
-----------------------------------------------------------------


If you don't mind, after your first legit attack reply back to 
this thread with the details, so others can learn from it when
they're looking through the archives.

scott

Current thread:

Re: ddos attacks, (continued)
- - Re: ddos attacks Edward Lewis (Dec 19)
    - Re: ddos attacks cb.list6 (Dec 19)
  - Re: ddos attacks Dobbins, Roland (Dec 19)
    - Re: ddos attacks cb.list6 (Dec 19)
    - Re: ddos attacks Dobbins, Roland (Dec 19)
    - Re: ddos attacks Saku Ytti (Dec 20)
    - Re: ddos attacks Dobbins, Roland (Dec 20)
- Re: ddos attacks dennis () justipit com (Dec 19)
- Re: ddos attacks Eugeniu Patrascu (Dec 19)
- Re: ddos attacks dennis () justipit com (Dec 19)
- Re: ddos attacks Scott Weeks (Dec 19)