nanog mailing list archives

BGP FlowSpec


From: Martin Bacher <ti14m028 () technikum-wien at>
Date: Thu, 21 Apr 2016 09:46:13 +0200

Dear Nanog Members,

My name is Martin Bacher. I am a student at UAS Technikum-Wien and I am currently writing my master’s thesis on the topic 
"Addressing DDoS Attacks with BGP FlowSpec".

It would be very helpful for me if some of you could share information about the following topics:
- Intra-AS BGP FlowSpec deployment: Who is running it? For which kind of attacks are you using it? Are you only 
dropping or rate-limiting certain traffic or are you also using the redirect/remark capabilities? What are the 
limitations from your perspective? Are you facing any operational issues? How are you injecting the FlowSpec routes?
- Inter-AS: Who is running Inter-AS FlowSpec deployments? What is your experience? Are there any concerns regarding 
Inter-AS deployments? Has anyone done interop tests?

FlowSpec is usually only one part of the whole anti-DDoS toolset. So I would also be interested in your answers to the 
following questions:
- How are you detecting DDoS attacks (Netflow, in-line probes, ..?) and which applications are you using for the 
analysis (Peakflow, Open-Source tools, ..?)
- Which countermeasures are you deploying in case of DDoS attacks? ACLs, FlowSpec, Blackhole routes, RTBH, scrubbing 
center, cloud-based DDoS services or anything else?
- What is your operational experience? How fast are you in deploying countermeasures? Do you have any automation or is 
this always triggered by people?

Last but not least: I am also looking for anonymized statistical data about DDoS attacks which I could use in the 
thesis. I am mainly interested in data about the type of attacks, attack time, sources, source and destination ports, 
and so on. I know this is something which is generally not shared, so I would really appreciate it if someone would be 
able to share such data.

Please send me your answers either via pn or directly to the list. Please also let me know if you think that there is 
something missing. Any comment or answer is highly appreciated.

Looking forward to your replies.

Many thanks.

Greetings,
Martin

