[AusNOG] network security Question

Chris Chaundy chris.chaundy at gmail.com
Wed May 21 10:21:54 EST 2014


If you are getting flooded with icmp, blocking/rate-limiting at your border
is pretty well pointless as the damage is already done - your link is toast
and the attackers don't give a damn about replies.

And talking about DNS, don't even get started on NTP!!!  Sigh...


On Wed, May 21, 2014 at 10:15 AM, Joshua D'Alton <joshua at railgun.com.au> wrote:

> Some places do this, Linode I believe in some locations (or perhaps their
> carriers/DCs?), just have to remember said hop (XYZ router(s)) will always
> have some loss (usually 30%, it's consistent). And what level, well
> presumably layer 3 ACLs?
>
>
> On Wed, May 21, 2014 at 10:08 AM, Alex Samad - Yieldbroker <
> Alex.Samad at yieldbroker.com> wrote:
>
>> With the icmp, I was more thinking about rate limiting, all nice to allow
>> it through, but I also rate limit.  Haven't got any shaping on, but I would
>> be deprioritising a lot of icmp
>>
>> Just wondering what sort of level do (if they do) rate limit icmp to
>>
>>