Re: ddos attacks

[Paul Stewart <paul () paulstewart org>]

We use Arbor for this - works quite well…. Peakflow/TMS .. We don’t do
anything announcement wise upstream but don’t see why you couldn’t via
communities...

I’ve looked at one cloud based solution to date and decided appliance is a
better solution specific to our needs.

Paul

On 12/18/2013, 11:36 AM, "Dan White" <dwhite () olp net> wrote:

> Can anyone recommend a vendor solution for DDOS mitigation? We are looking
> for a solution that detects DDOS attacks from sflow information and
> automatically announces BGP /32 blackhole routes to our upstream
> providers,
> or a similar solution.
>
> Thank You.
>
> On 08/05/13 21:09 +1000, Ahad Aboss wrote:
> > Scott,
> >
> > Use a DDOS detection and mitigation system with DPI capabilities to deal
> > with traditional DDOS attack and anomalous behaviour such as worm
> > propagation, botnet attacks and malicious subscriber activity such as
> > flooding and probing. There are only a few vendors who successfully play
> > in
> > this space who provide a self healing/self defending system.
> >
> > Cheers
> > Ahad
> > -----Original Message-----
> > From: sgraun () airstreamcomm net [mailto:sgraun () airstreamcomm net]
> > Sent: Friday, 2 August 2013 11:37 PM
> > To: nanog () nanog org
> > Subject: ddos attacks
> >
> > I’m curious to know what other service providers are doing to
> > alleviate/prevent ddos attacks from happening in your network.  Are you
> > completely reactive and block as many addresses as possible or null0
> > traffic
> > to the effected host until it stops or do you block certain ports to
> > prevent
> > them.  What’s the best way people are dealing with them?
> >
> > Scott
>
> -- 
> Dan White