nanog mailing list archives
Re: DDoS auto-mitigation best practices (for eyeball networks)
From: Mehmet Akcin <mehmet () akcin net>
Date: Sat, 19 Sep 2015 13:09:47 -0700
How does he/she become target? How does IP address gets exposed? I guess simplest way is to reboot modem and hope to get new ip (or call n request) Mehmet
On Sep 19, 2015, at 12:54, Frank Bulk <frnkblk () iname com> wrote: Could the community share some DDoS auto-mitigation best practices for eyeball networks, where the target is a residential broadband subscriber? I'm not asking so much about the customer communication as much as configuration of any thresholds or settings, such as: - minimum traffic volume before responding (for volumetric attacks) - minimum time to wait before responding - filter percentage: 100% of the traffic toward target (or if volumetric, just a certain percentage)? - time before mitigation is automatically removed - and if the attack should recur shortly thereafter, time to respond and remove again - use of an upstream provider(s) mitigation services versus one's own mitigation tools - network placement of mitigation (presumably upstream as possible) - and anything else I ask about best practice for broadband subscribers on eyeball networks because it's different environment than data center and hosting environments or when one's network is being used to DDoS a target. Regards, Frank
Current thread:
- DDoS auto-mitigation best practices (for eyeball networks) Frank Bulk (Sep 19)
- Re: DDoS auto-mitigation best practices (for eyeball networks) Mehmet Akcin (Sep 19)
- Re: DDoS auto-mitigation best practices (for eyeball networks) Mike Hammett (Sep 19)
- Re: DDoS auto-mitigation best practices (for eyeball networks) Patrick Muldoon via NANOG (Sep 19)
- RE: DDoS auto-mitigation best practices (for eyeball networks) frnkblk (Sep 21)
- Re: DDoS auto-mitigation best practices (for eyeball networks) Chase Christian (Sep 22)
- Re: DDoS auto-mitigation best practices (for eyeball networks) Randy via NANOG (Sep 19)
- Re: DDoS auto-mitigation best practices (for eyeball networks) Roland Dobbins (Sep 19)
- Re: DDoS auto-mitigation best practices (for eyeball networks) alvin nanog (Sep 20)
- Re: DDoS auto-mitigation best practices (for eyeball networks) Mehmet Akcin (Sep 19)