[AusNOG] DDOS mitigation

Phillip Grasso phillip.grasso at gmail.com
Sun May 12 15:32:16 EST 2013


On 12/05/2013 10:15 AM, "Joshua D'Alton" <joshua at railgun.com.au> wrote:
>
> good points. and this is why it falls back on the originating networks to
fix their problems ie udp spoof so that they arent sending so much traffic
in the first place. obviously not much of a fix and they have no motivation
to ( more traffic out = more transit sold to downstreams).. but...
>

There  are plenty of examples of large scale 30G+ attacks non spoofed
attacks.

If for example it's a state sponsored attack, the originator of the traffic
and their sp would have little intention of shutting down the service. This
might be a fringe usecase until it affects you.

We need to get with reality that the trusted well behaved internet players
is in yesteryear. The bad guys were just deaggregating cidr blocks costing
you a little bit more router memory and convergence time to modern reality
that route hijacking, ddos, and infrastructure based attacks are common
place.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130512/daaf83aa/attachment.html>


More information about the AusNOG mailing list