nanog mailing list archives
Re: ddos attack blog
From: Paul Ferguson <fergdawgster () mykolab com>
Date: Thu, 13 Feb 2014 09:30:06 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2/13/2014 9:06 AM, Cb B wrote:
Good write up, includes name and shame for AT&T Wireless, IIJ, OVH, DTAG and others http://blog.cloudflare.com/technical-details-behind-a-400gbps-ntp-amplification-ddos-attack Standard plug for http://openntpproject.org/ and http://openresolverproject.org/ and bcp38 , please fix/help. For those of you paying attention to the outage list, this is a pretty big deal that has had daily ramification for some very big networks https://puck.nether.net/pipermail/outages/2014-February/date.html In general, i think UDP is doomed to be blocked and rate limited -- tragedy of the commons. But, it would be nice if folks would just fix the root of the issue so the rest of us don't have go there...
The alternative is get people to understand that anti-spoofing is good, and efforts to combat spoofing should be encouraged. - - ferg - -- Paul Ferguson VP Threat Intelligence, IID PGP Public Key ID: 0x54DC85B2 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iF4EAREIAAYFAlL9AR4ACgkQKJasdVTchbJZYwEAivI00Yq7RSMze74GFQKEyCeH pS2s8TH0ba08NWKC22AA/jyN35xonJBzldJA8/xlzhnuLnyOFB0Y7GKZ8NiqRiRl =ItxR -----END PGP SIGNATURE-----
Current thread:
- ddos attack blog Cb B (Feb 13)
- Re: ddos attack blog Jared Mauch (Feb 13)
- Re: ddos attack blog Paul Ferguson (Feb 13)
- Re: ddos attack blog John (Feb 13)
- Re: ddos attack blog Jared Mauch (Feb 13)
- Re: ddos attack blog Mark Tinka (Feb 14)
- Re: ddos attack blog Wayne E Bouchard (Feb 14)
- Permitting spoofed traffic [Was: Re: ddos attack blog] Paul Ferguson (Feb 14)
- Re: Permitting spoofed traffic [Was: Re: ddos attack blog] Joe Provo (Feb 14)
- Re: Permitting spoofed traffic [Was: Re: ddos attack blog] Paul Ferguson (Feb 14)
- Re: Permitting spoofed traffic [Was: Re: ddos attack blog] Jeff Kell (Feb 14)
- Re: ddos attack blog Jared Mauch (Feb 13)
- Message not available
- Re: Permitting spoofed traffic [Was: Re: ddos attack blog] Larry Sheldon (Feb 14)
- Re: Permitting spoofed traffic [Was: Re: ddos attack blog] Paul Ferguson (Feb 14)