nanog mailing list archives

RE: attacking DDOS using BGP communities?


From: alex () yuriev com
Date: Fri, 18 Oct 2002 10:35:02 -0400 (EDT)



701 has a blackhole community, 701:9999, basically it sets the next-hop
to something blackholed on their edge so the DOS attack gets dropped as
soon as it hits them. I have made use of this to kill at least one DDOS
event. A global blackhole community may be difficult to achieve, but
getting the majority of large providers to implement one is a good
start.

Brilliant solution - let's stop DDOS attack on the customer by denying
service to the customer in a non-distributed way.

Alex
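
Added example, not part of the original message or any provider's actual configuration: a small Python model of the blackhole-community mechanism the quoted text describes, showing what the provider edge drops and what it keeps forwarding when the customer tags only the attacked host route. The discard next-hop, the prefix-length limit, the customer-space check and all addresses are assumptions constructed for the illustration; only the community value 701:9999 comes from the thread.

```python
import ipaddress

BLACKHOLE = "701:9999"    # community named in the quoted message
DISCARD_NH = "192.0.2.1"  # assumed next-hop the edge routes to a null interface
MAX_LEN_NORMAL = 24       # assumed longest prefix accepted without the community


def import_route(prefix, next_hop, communities, customer_space):
    """Provider-edge import policy for one customer announcement.

    Returns (network, next_hop) to install, or None if the route is rejected.
    """
    net = ipaddress.ip_network(prefix)
    if not any(net.subnet_of(ipaddress.ip_network(s)) for s in customer_space):
        return None                  # a customer may only blackhole its own space
    if BLACKHOLE in communities:
        return (net, DISCARD_NH)     # tagged: next-hop rewritten to the discard address
    if net.prefixlen > MAX_LEN_NORMAL:
        return None                  # untagged host routes are filtered as usual
    return (net, next_hop)


def build_rib(announcements, customer_space):
    """Apply the import policy to every announcement and keep accepted routes."""
    routes = (import_route(*a, customer_space) for a in announcements)
    return [r for r in routes if r is not None]


def forward(rib, dst):
    """Longest-prefix match; anything resolving to DISCARD_NH is dropped at the edge."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, nh) for net, nh in rib if addr in net]
    if not matches:
        return "no-route"
    _, nh = max(matches, key=lambda m: m[0].prefixlen)
    return "drop" if nh == DISCARD_NH else nh


# Constructed sample: (prefix, next-hop, communities) as sent by one customer.
CUSTOMER_SPACE = ["203.0.113.0/24"]
ANNOUNCEMENTS = [
    ("203.0.113.0/24", "198.51.100.2", []),             # normal aggregate
    ("203.0.113.10/32", "198.51.100.2", ["701:9999"]),  # attacked host, tagged
    ("198.51.100.77/32", "198.51.100.2", ["701:9999"]), # not the customer's space
]
RIB = build_rib(ANNOUNCEMENTS, CUSTOMER_SPACE)

if __name__ == "__main__":
    for dst in ("203.0.113.10", "203.0.113.20", "198.51.100.77"):
        print(dst, "->", forward(RIB, dst))
```

All traffic to the tagged /32 is dropped at the edge, attack and legitimate alike, while the rest of the /24 keeps forwarding.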

