Going to the links I provided is a good start.
----- Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP ----- Original Message ----- From: "Sean Heskett" <af...@zirkel.us> To: af@afmug.com Sent: Friday, October 21, 2016 11:26:42 AM Subject: Re: [AFMUG] Another large DDoS, Stop Being a Dick I think instead of naming and shaming you'd get more traction if you informed and taught them how to prevent and stop this traffic. Many WISPs don't have the technical know how (or time) to even realize it's happening. They are just trying to get customers connected. I know my network isn't perfect and I'd gladly submit a list of subnets I control to a group that would be willing to tell me what's wrong and how I can fix it so I'm not part of the problem. 2 cents -Sean On Friday, October 21, 2016, Mike Hammett < af...@ics-il.net > wrote: There's another large DDoS going on now. Go to this page to see if you can be used for UDP amplification (or other spoofing) attacks: https://www.caida.org/projects/spoofer/ Go to these pages for more longer term bad behavior monitoring: https://www.shadowserver.org/wiki/ https://radar.qrator.net/ Maybe we need to start a database of ASNs WISPs are using and start naming and shaming them when they have bad actors on their network. This is serious, people. Take it seriously. ----- Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP