[AusNOG] UDP Flooding Issues

Phillip Grasso phillip.grasso at gmail.com
Thu Jun 19 13:23:53 EST 2008


well if it's an insignificant ISP and you wanted to do some
*extremely* dodgy, then via the return path advertise their ASN
(prepend the offending AN number) in your announcements. this will
force their routers to drop your routes as it should be a bgp loop
prevention mechanism. There are lots of things that might stop this
from happening, including route filters on in the path inbetween.

Otherwise the simplier method is to contact them or your isp to filter
to traffic in question.

2008/6/19 Sean K. Finn <Sean.Finn at ozservers.com.au>:
> Hi All,
>
>
>
> Does anyone know any techniqiues or ways to block BGP adverts to third party
> AS's, or a similar method for dropping routes *to* our AS from a distant,
> non directly connected AS ?
>
>
>
> For example, is there a way to inject or craft maybe a network unreachable
> message or something that we can send to the offending A.S. to remove their
> routing information for *our* network / AS / IP ranges?
>
>
>
> My scenario is that I'm trying to block UDP floods to our network, and I'm
> sure many of you have had experience with this. Im not looking for a total
> solution, although If you have any recommendations , that would be great.
> What I'm really after is just once peice of the puzzle to see if we can
> selectively choose which remote networks we are visible, as a direct first
> step to stopping attacks until a human can intervene.
>
>
>
> Cheers,
>
> Sean.
>
> ________________________________
>
> Oz Servers
> e: sean.finn at ozservers.com.au
> w: http://www.ozservers.com.au
> p: 1300 13 89 69
>
>
>
> /
>
> ________________________________
> _______________________________________________
> AusNOG mailing list
> AusNOG at ausnog.net
> http://www.ausnog.net/mailman/listinfo/ausnog
>
>



More information about the AusNOG mailing list