nanog mailing list archives

Re: GoDaddy : DoS :: Contact


From: Mel Beckman <mel () beckman org>
Date: Mon, 3 Aug 2015 13:46:10 +0000

There are two problems with Source-Based Remote Triggered Black Hole (S/RTBH):

1. From the RFC itself, you by definition sacrifice the victim's address:

   3.1. ...While this does "complete" the attack in that the target address(es)
   are made unreachable, collateral damage is minimized.  It may also be
   possible to move the host or service on the target IP address(es) to
   another address and keep the service up, for example, by updating
   associated DNS resource records.

2. No ISP I know of supports it (e.g., via BGP communities).

 -mel

On Aug 3, 2015, at 6:31 AM, Roland Dobbins <rdobbins () arbor net> wrote:

On 3 Aug 2015, at 20:28, Mel Beckman wrote:

Blackholing works on destination address — it’s a route to null0.

<https://tools.ietf.org/html/rfc5635>

-----------------------------------
Roland Dobbins <rdobbins () arbor net>

