RE: UUNet Offer New Protection Against DDoS

["Lumenello, Jason" <jlumenello () xo com>]

> -----Original Message-----
> From: Christopher L. Morrow [mailto:christopher.morrow () mci com]
> Sent: Thursday, March 04, 2004 11:50 AM
> To: Lumenello, Jason
> Cc: Suresh Ramasubramanian; Randy Bush; nanog () merit edu
> Subject: RE: UUNet Offer New Protection Against DDoS
>
>
> On Thu, 4 Mar 2004, Lumenello, Jason wrote:
>
> > No, but it sounds like SLA payouts are made in the event that they
fail
> > to respond in 15 minutes after a call is made. Maybe I am
>
> fail to get you in touch with 'security expertise' in 15 minutes...
>
> > misinterpreting their SLA, but this seems much different then
offering
> > blanket payments for DoS down time.
>
> downtime is seperate from this SLA.
>
> > I will give them credit for guaranteeing a response in 15 minutes or
> > less. Now is a response the opening of a ticket or the null routing
of
> > the attack traffic in 15 minutes?
>
> Just speaking to an engineer that can help you. There is no way to
> guarantee and end to a DoS in any reasonable amount of time ;( For
> instance, Suresh's main 'job' is email, so null routing his MX hosts
will
> stop the attack, but it is hardly desirable, eh? Same for filtering
tcp/25
> syn packets :(
>
> There is no magic here, you all are smart enough to understand how DoS
> works, how to stop it and the complications inherent in both.

Well, kudos to you guys for raising the SLA bar to include this
provision then.

Jason