nanog mailing list archives
Re: UDP port 80 DDoS attack
From: Keegan Holley <keegan.holley () sungard com>
Date: Wed, 8 Feb 2012 10:53:16 -0500
2012/2/8 Dobbins, Roland <rdobbins () arbor net>
On Feb 8, 2012, at 8:07 PM, bas wrote:As far as I see it S/RTBH is in no way a solution against smartattackers, of course it does help against all the kiddie attacks outthere.Once again, I've used S/RTBH myself and helped others use it many, many times, including to defend against attacks with shifting purported source IPs. flowspec, IDMS and other tools are very useful as well, but S/RTBH is supported on a lot of hardware, if operators choose to configure it. It is not a panacea. It is one tool in the toolbox. Folks can either choose to make use of it or choose not to do so; it is operationally proven, it does work, and it's certainly better than nothing. YMMV.
I agree. I think RTBH is a broadsword not a scalpel. It's a tool in the tool box and there is a danger of dropping legitimate traffic with both S/RTBH and D/RTBH. BGP isn't a security protocol. It's not even that great of a routing protocol.
Current thread:
- Re: UDP port 80 DDoS attack, (continued)
- Re: UDP port 80 DDoS attack Steve Bertrand (Feb 09)
- Re: UDP port 80 DDoS attack Keegan Holley (Feb 09)
- Re: UDP port 80 DDoS attack Keegan Holley (Feb 08)
- Re: UDP port 80 DDoS attack Christopher Morrow (Feb 08)
- RE: UDP port 80 DDoS attack George Bonser (Feb 08)
- Re: UDP port 80 DDoS attack Mark Andrews (Feb 08)
- Re: UDP port 80 DDoS attack Keegan Holley (Feb 08)
- Re: UDP port 80 DDoS attack Dobbins, Roland (Feb 08)
- Re: UDP port 80 DDoS attack bas (Feb 08)
- Re: UDP port 80 DDoS attack Dobbins, Roland (Feb 08)
- Re: UDP port 80 DDoS attack Keegan Holley (Feb 08)
- Re: UDP port 80 DDoS attack Steve Bertrand (Feb 05)
- Re: UDP port 80 DDoS attack Keegan Holley (Feb 05)
- Re: UDP port 80 DDoS attack Steve Bertrand (Feb 05)
- Re: UDP port 80 DDoS attack Jeff Wheeler (Feb 05)
- Re: UDP port 80 DDoS attack dennis (Feb 06)
- Re: UDP port 80 DDoS attack Sven Olaf Kamphuis (Feb 06)
- Re: UDP port 80 DDoS attack Jeff Wheeler (Feb 06)
- Re: UDP port 80 DDoS attack Keegan Holley (Feb 06)
- Re: UDP port 80 DDoS attack Joe Greco (Feb 07)
- RE: UDP port 80 DDoS attack George Bonser (Feb 07)