[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Ransom DDoS attack - need help!

Subject: Ransom DDoS attack - need help!
From: rdobbins at arbor.net (Roland Dobbins)
Date: Thu, 10 Dec 2015 13:51:45 +0700
In-reply-to: <CAKDS_tnQuFzDj=9QZWO=cDFsf4qnHU2+O1=QtUnkpthZ15TGDg@mail.gmail.com>
References: <CAKDS_tnQuFzDj=9QZWO=cDFsf4qnHU2+O1=QtUnkpthZ15TGDg@mail.gmail.com>

On 10 Dec 2015, at 13:21, Joe Morgan wrote:

> We have custom in house software that watches the traffic flows from 
> our edge routers and automatically blackholes any ip getting targeted.

Suggest you take a look at the presos I posted earlier and look into 
S/RTBH, flowspec, some limited QoS, and some preemptive ACLs so that you 
aren't forced into completing the DDoS.

-----------------------------------
Roland Dobbins <rdobbins at arbor.net>

References:
- Ransom DDoS attack - need help!
  - From: joe at joesdatacenter.com (Joe Morgan)

Prev by Date: Ransom DDoS attack - need help!
Next by Date: Ransom DDoS attack - need help!
Previous by thread: Ransom DDoS attack - need help!
Next by thread: Ransom DDoS attack - need help!
Index(es):
- Date
- Thread