[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
UDP port 80 DDoS attack
- Subject: UDP port 80 DDoS attack
- From: rdobbins at arbor.net (Dobbins, Roland)
- Date: Mon, 6 Feb 2012 01:43:52 +0000
- In-reply-to: <CABO8Q6QuoU6=0YfaLH_ZcMHwN-hOcWSJhQ1nZXJEFRiRonsJBA@mail.gmail.com>
- References: <7F48F1B1D2983A49AFC2A39FAC634039AE924E9CF1@miles-exch01.miles.office> <CABO8Q6TFRhXY-aLB4URW6e-iUu8Wd1z2RidOsUzr8+QrQkqmvw@mail.gmail.com> <[email protected]> <CABO8Q6S=OiE-dbw-MstMe5tDwX4Sk+qJY=pHNkB0VWgQ=tQr=Q@mail.gmail.com> <[email protected]> <CABO8Q6QuoU6=0YfaLH_ZcMHwN-hOcWSJhQ1nZXJEFRiRonsJBA@mail.gmail.com>
On Feb 6, 2012, at 8:37 AM, Keegan Holley wrote:
> Source RTBH often falls victim to rapidly changing or spoofed source IP"s.
S/RTBH can be rapidly shifted in order to deal with changing purported source IPs, and it isn't limited to /32s. It's widely supported on Cisco and Juniper gear (flowspec is a better choice on Juniper gear).
If folks don't want to read the presos or search through the archives, that's fine, of course. The fact is that there are quite a few things that operators can and should do in order to mitigate DDoS attacks; and making the perfect the enemy of the merely good only helps the attackers, doesn't it?
;>
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
The basis of optimism is sheer terror.
-- Oscar Wilde