nanog mailing list archives

Re: UDP port 80 DDoS attack


From: Keegan Holley <keegan.holley () sungard com>
Date: Wed, 8 Feb 2012 10:12:50 -0500

Providers don't even check the registries for BGP advertisements. See the thread on hijacked routes for proof. Not to
mention, how do you handle a small transit AS? Do you trust that they have the correct filters as well? Do you start
reading their AS paths and try to filter based on the registry for folks downstream? Then there's the RLDRAM issue.
Most edge boxes will just run out of ACLs. Lastly, there's no contractual obligation to play traffic cop for the
entire Internet, so providers would be dropping traffic that they can legitimately bill for.

Sent from my iPhone

On Feb 8, 2012, at 4:56 AM, George Bonser <gbonser () seven com> wrote:

No, we have registries to act as registries, the ISPs should be
checking them, and double checking.  It isn't something that is going
to change every day or every week. Once you get it set up, it is going
to be stable for a while.  Sure, it means a little more work in setting
up a customer, but it also means that if all your neighbors do the same
thing, you field many fewer calls dealing with stupid DoS crap.


I'll put it another way. Any provider that does not police their customer traffic has no business whining about DoS problems.



