nanog mailing list archives
Re: About ddos-response () nfoservers com
From: Alain Hebert <ahebert () pubnix net>
Date: Fri, 24 Jan 2014 15:50:06 -0500
Hi, Well the abusers started to use burst and then switching targeted IP. Last time I opened a ticket with GT-T/nLayer for a ~120Mbps NTP DDoS Amplification "attempt" toward 2 of my IP's. . after 2h, I called them directly to be told they lost my original request; . after 4h, got told it wasn't assigned yet; . after 12h, they finally applied the filter as the amp attempt stopped; Based on that experience... why bother. To give you an idea, in the past 4 days and 30m queries, I'm up to 1100 blocked targets on one of my DNS Servers. ----- Alain Hebert ahebert () pubnix net PubNIX Inc. 50 boul. St-Charles P.O. Box 26770 Beaconsfield, Quebec H9W 6G7 Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443 On 01/24/14 09:36, Jared Mauch wrote:
On Jan 24, 2014, at 9:22 AM, Alain Hebert <ahebert () pubnix net> wrote:Is there a [Spoofing Tracking Squad] out there? ( We're on GT-T/nLayer/Tinet )You haven’t been able to get GTT/nLayer/TINet to track the traffic back? Details are welcome, either here or in private. There are plenty of people who will chase and fix this stuff when they’re aware of it. - Jared
Current thread:
- About ddos-response () nfoservers com Alain Hebert (Jan 24)
- Re: About ddos-response () nfoservers com Christopher Morrow (Jan 24)
- Re: About ddos-response () nfoservers com Jared Mauch (Jan 24)
- Re: About ddos-response () nfoservers com Chris Boyd (Jan 24)
- Re: About ddos-response () nfoservers com Tei (Jan 24)
- Re: About ddos-response () nfoservers com Alain Hebert (Jan 24)
- Re: About ddos-response () nfoservers com Christopher Morrow (Jan 24)
- Re: About ddos-response () nfoservers com Chris Boyd (Jan 24)