Yeah, other than calling your provider, not too much else you can do....
Bandwidth will still be consumed no mater how much "fence" you put up.
One thing I've been thinking of ( for future use ) is upgrading my
backup T1 to a ds3 to match my current bandwidth requirements. Then when
someone DDoS's me.... I can cutover the circuit and resume business on a
different cidr block. Just hope they use IP addresses vs. dns naming.
I assume I can do this now with my DR setup, but not all services are
running there.......
I'll definitely be watching this thread for other suggestions as well.
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
Sent: Tuesday, April 15, 2008 5:00 PM
To: security-basics@securityfocus.com
Subject: Tactics for surviving heavy DDoS attack?
I haven't been able to find any information regarding how to survive a
sustained heavy DDoS attack (ie. greater than 2G/sec) from a providers
perspective. I see a lot of information on what DDoS is, how not to be
an amplifier, etc, but not much on best practice router/switch configs,
hardware/solutions to stay alive during a DDoS attack, etc.
If you are an ISP, other than calling your upstream provider to null
route the target IP, what other options are available?
-offset
This email, its contents and attachments contain information from j2 Global
Communications, Inc. and/or its affiliates which may be privileged,
confidential or otherwise protected from disclosure. The information is
intended to be for the addressee(s) only. If you are not an addressee, any
disclosure, copy, distribution, or use of the contents of this message is
prohibited. If you have received this email in error please notify the sender
by reply e-mail and delete the original message and any copies. j2 Global
Communications. 6922 Hollywood Blvd., Hollywood, CA 90028.
