nanog mailing list archives
Re: Identifying DoS-attacked IP address(es)
From: "Christopher L. Morrow" <chris () UU NET>
Date: Mon, 16 Dec 2002 22:12:15 +0000 (GMT)
On Mon, 16 Dec 2002, James-lists wrote:
I am wondering how much help backbone providers give in identifying sources of a DoS and deciding what ACL's or rate-limits need to be placed to bring a DoS under control,
I'm sure you can look in the archives of this list for messages from me about this very thing... :) In short: "Every ISP should have 24/7 security support for customers under attack." That support should include, acls, null routes, tracking the attack to the ingress. Rarely do rate-limits do any good in the case of DoS attacks... (this part is a debate for another thread)
for their downstream clients. (Assuming it is their downstream clients that are being DoS'ed). I realize this will vary from provider to provider, I am just seeking peoples experiences with this issue.
it may vary, but there really should be an expected minimum standard.
James Edwards jamesh () cybermesa com At the Santa Fe Office: Internet at Cyber Mesa Store hours: 9-6 Monday through Friday Phone support 365 days till 10 pm via the Santa Fe office: 505-988-9200
Current thread:
- Re: Identifying DoS-attacked IP address(es), (continued)
- Re: Identifying DoS-attacked IP address(es) Christopher L. Morrow (Dec 16)
- Message not available
- Re: Identifying DoS-attacked IP address(es) Andre Chapuis (Dec 16)
- Re: Identifying DoS-attacked IP address(es) Christopher L. Morrow (Dec 16)
- Re: Identifying DoS-attacked IP address(es) Neil J. McRae (Dec 16)
- Re: Identifying DoS-attacked IP address(es) Christopher L. Morrow (Dec 16)
- Re: Identifying DoS-attacked IP address(es) Neil J. McRae (Dec 16)
- Re: Identifying DoS-attacked IP address(es) Christopher L. Morrow (Dec 16)
- Re: Identifying DoS-attacked IP address(es) Andre Chapuis (Dec 16)
- RE: Identifying DoS-attacked IP address(es) Livio Ricciulli (Dec 16)
- RE: Identifying DoS-attacked IP address(es) Christopher L. Morrow (Dec 16)
- Re: Identifying DoS-attacked IP address(es) James-lists (Dec 16)
- Re: Identifying DoS-attacked IP address(es) Christopher L. Morrow (Dec 16)
- Re: Identifying DoS-attacked IP address(es) James-lists (Dec 16)
- Re: Identifying DoS-attacked IP address(es) Feger, James (Dec 16)
- Re: Identifying DoS-attacked IP address(es) Christopher L. Morrow (Dec 16)
- Re: Identifying DoS-attacked IP address(es) Valdis . Kletnieks (Dec 16)
- Message not available
- RE: Identifying DoS-attacked IP address(es) Livio Ricciulli (Dec 16)