nanog mailing list archives
Re: Reporting DDOS reflection attacks
From: srn.nanog () prgmr com
Date: Sun, 09 Nov 2014 09:43:47 -0800
On 11/09/2014 09:31 AM, Brian Rak wrote:
Some tips: 1) Verify the servers are still vulnerable. This is pretty straightforward, and saves everyone involved some time
For a DDOS, I'd be concerned that the provider would now think my activity was malicious.
2) Your abuse emails should include tcpdump-like output (or you'll get tons of replies asking for logs)
Is the output from nfdump close enough?
3) Sticking to one abusive IP per email seems to get the best response rate (or you confuse all the automated systems for parsing these)
The smallest email abuse report I sent last week contained over 15,000 IPs. Is it really better to send that many emails?
Current thread:
- Re: Reporting DDOS reflection attacks, (continued)
- Re: Reporting DDOS reflection attacks Roland Dobbins (Nov 07)
- Re: Reporting DDOS reflection attacks Paul Bennett (Nov 07)
- Re: Reporting DDOS reflection attacks McDonald Richards (Nov 08)
- Re: Reporting DDOS reflection attacks Roland Dobbins (Nov 08)
- Re: Reporting DDOS reflection attacks Miles Fidelman (Nov 08)
- Re: Reporting DDOS reflection attacks srn . nanog (Nov 08)
- Re: Reporting DDOS reflection attacks Paul Bennett (Nov 07)
- Re: Reporting DDOS reflection attacks Roland Dobbins (Nov 07)
- Re: Reporting DDOS reflection attacks Ruairi Carroll (Nov 08)
- Re: Reporting DDOS reflection attacks srn . nanog (Nov 08)
- Re: Reporting DDOS reflection attacks Damian Menscher (Nov 08)
- Re: Reporting DDOS reflection attacks Brian Rak (Nov 09)
- Re: Reporting DDOS reflection attacks srn . nanog (Nov 09)
- Re: Reporting DDOS reflection attacks Brian Rak (Nov 09)
- RE: Reporting DDOS reflection attacks Frank Bulk (Nov 08)
- Re: Reporting DDOS reflection attacks Yardiel D. Fuentes (Nov 08)
- Re: Reporting DDOS reflection attacks Roland Dobbins (Nov 08)
- Re: Reporting DDOS reflection attacks Doug Barton (Nov 09)
- Re: Reporting DDOS reflection attacks manning bill (Nov 09)
- Message not available
- Re: Reporting DDOS reflection attacks Larry Sheldon (Nov 09)
- Re: Reporting DDOS reflection attacks Roland Dobbins (Nov 09)
- Re: Reporting DDOS reflection attacks Yardiel D. Fuentes (Nov 08)