mailing list archives
Re: Are we really this helpless? (Re: isprime DOS in progress)
From: Jeffrey Lyon <jeffrey.lyon () blacklotus net>
Date: Fri, 23 Jan 2009 21:13:33 -0500
I respectfully disagree. Network engineers have to keep up with many
tasks and preventing DoS/DDoS should be the responsibility of
everyone. I see more folks worried about spam than they are actual
My two cents.
Jeffrey Lyon, Leadership Team
jeffrey.lyon () blacklotus net | http://www.blacklotus.net
Black Lotus Communications of The IRC Company, Inc.
Look for us at HostingCon 2009 in Washington, DC on August 10th - 12th
at Booth #401.
On Fri, Jan 23, 2009 at 9:05 PM, Seth Mattinen <sethm () rollernet us> wrote:
Noel Butler wrote:
On Sat, 2009-01-24 at 07:21, Chris McDonald wrote:
We [AS3491] null0'd the IP earlier. Rest-of-world encouraged to do the
Wrong approach, they are *innocent* in this as are the new targets.
insert into your favourite acl:
deny udp host 126.96.36.199 neq 53 any eq 53
deny udp host 188.8.131.52 neq 53 any eq 53
But it's much less work to add a filter on the name server as others
Having the world trying to keep up with ACL entries seems futile. Is there
really nothing to be done about this? (Yes, I know, BCP38, but obviously the
accomplice providers don't care.)
- Re: isprime DOS in progress, and Re: DNS Amplification attack?, (continued)