Re: DDOS solution recommendation

[Mike Hammett <nanog () ics-il net>]

I didn't necessarily think I was shattering minds with my ideas. 

I don't have the time to read a dozen presentations. 

Blackhole them and move on. I don't care whose feelings I hurt. This isn't kindergarten. Maybe "you" should have tried 
a little harder to not get a virus in the first place. Quit clicking on male enhancement ads or update your OS 
occasionally. I'm not going to spend a bunch of time and money to make sure someone's bubble of bliss doesn't get 
popped. Swift, effective, cheap. Besides, you're only cut off for 30 days. If in 30 days you can prove yourself to be 
responsible, we can try this again. Well, that or a sufficient support request. 

Besides, if enough people did hat, the list of blackholes wouldn't be huge as someone upstream already blocked them. 




----- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 



----- Original Message -----

From: "Roland Dobbins" <rdobbins () arbor net> 
To: nanog () nanog org 
Sent: Sunday, January 11, 2015 9:29:33 AM 
Subject: Re: DDOS solution recommendation 


On 11 Jan 2015, at 22:21, Mike Hammett wrote: 

> I'm not saying what you're doing is wrong, I'm saying whatever the 
> industry as a whole is doing obviously isn't working and perhaps a 
> different approach is required. 

You haven't recommended anything new, and you really need to do some 
reading in order to understand why it isn't as simple as you seem to 
think it is. 

> Security teams? My network has me, myself and I. 

And a relatively small network, too. 

> If for example ChinaNet's abuse department isn't doing anything about 
> complains, eventually their whole network gets blocked a /32 at a 
> time. *shrugs* Their loss. 

Again, it isn't that simple. 

----------------------------------- 
Roland Dobbins <rdobbins () arbor net>