Re: DDOS solution recommendation

[Pavel Odintsov <pavel.odintsov () gmail com>]

Hello!

If you speaking about ISP "filtering" you should check your subnets
and ASN here: https://radar.qrator.net

I was really amazed amount of DDoS bots/amplificators in my network.

On Sun, Jan 11, 2015 at 6:47 PM, Michael Hallgren <m.hallgren () free fr> wrote:
> Le 11/01/2015 14:50, Patrick W. Gilmore a écrit :
> > I agree with lots said here.
> >
> > But I've said for years (despite some people saying I am confused) that BCP38 is the single most important thing we 
> > can do to cut DDoS.
> >
> > No spoofed source means no amplification. It also stops things like Kaminsky DNS attacks.
> >
> > There is no silver bullet. Security is a series of steps ("layers" as one highly respected security professional has 
> > in his .sig). But the most important layer, the biggest bang for the buck we can do today, is eliminated spoofed 
> > source.
> >
> > Push on your providers. Stop paying for transit from networks that do not filter ingress, put it in your RFPs, and 
> > reward those who do with contracts. Make it economically advantageous to fix the problem, and people will.
>
> +1
> mh
> >



-- 
Sincerely yours, Pavel Odintsov