nanog mailing list archives

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

From: Chris Woodfield <rekoil () semihuman com>
Date: Sun, 25 Sep 2016 11:46:40 -0700

On Sep 24, 2016, at 7:47 AM, John Levine <johnl () iecc com> wrote:

Well...by anycast, I meant BGP anycast, spreading the "target"
geographically to a dozen or more well connected/peered origins.  At that
point, your ~600G DDoS might only be around


anycast and tcp? the heck you say! :)


People who've tried it say it works fine.  Routes don't flap that often.


There are a number of companies terminating anycasted TCP endpoints without issue. It’s not exactly turnkey, but it’s 
hardly black magic either. 

Here’s Nick Holt @Microsoft presenting their experience: https://www.youtube.com/watch?v=40MONHHF2BU 
<https://www.youtube.com/watch?v=40MONHHF2BU> 

-Chris

Current thread:

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey, (continued)
- - - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Mark Andrews (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey ryan landry (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Patrick W. Gilmore (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Livingood, Jason (Sep 26)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Dale W. Carder (Sep 27)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Eygene Ryabinkin (Sep 27)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Baldur Norddahl (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Nick Hilliard (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Eliot Lear (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Ca By (Sep 24)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Chris Woodfield (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Owen DeLong (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Mark Andrews (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Owen DeLong (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey John R. Levine (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey jim deleskie (Sep 23)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Chris Adams (Sep 23)
  - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Filip Hruska (Sep 23)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Alex Wacker (Sep 23)
  - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Mel Beckman (Sep 23)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Simon Lockhart (Sep 23)

(Thread continues...)