Re: UDP port 80 DDoS attack

["Dobbins, Roland" <rdobbins () arbor net>]

On Feb 8, 2012, at 8:07 PM, bas wrote:

> As far as I see it S/RTBH is in no way a solution against smart attackers, of course it does help against all the 
> kiddie attacks out
> there.

Once again, I've used S/RTBH myself and helped others use it many, many times, including to defend against attacks with 
shifting purported source IPs.  flowspec, IDMS and other tools are very useful as well, but S/RTBH is supported on a 
lot of hardware, if operators choose to configure it.

It is not a panacea.  It is one tool in the toolbox.  

Folks can either choose to make use of it or choose not to do so; it is operationally proven, it does work, and it's 
certainly better than nothing.  YMMV.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>

          Luck is the residue of opportunity and design.

                       -- John Milton