Daniel,On the subject of DDoS mitigation: This is more complex than it looks. I remember an effort 10 years ago to improve NOC-NOC communications in general and to facilitate the exchange of tickets in particluar. The people involved were all well-meaning and very enthousiastic. Still it was not very successful. At the end-of-the-day a NOC will listen to its customers and talk with its peers (most of the time). Any attempt to break that pattern is an up-hill struggle. It may be worthwhile but it needs to be very convincing to stand a chance.
The nsp-security list worked quite well during the latest SQL worm attack. With over 300 people from about 200 ISP/NSPs active, the worm was seen within 30 minutes and ACL recommendations were sent out and the attack was much more short lived than the previous Code Red attack (12 hours vs about 3 days).
Those interested in joining should read closely:
http://puck.nether.net/mailman/listinfo/nsp-security
-Hank
---------------------------------------------------------------------
EuroNOG: http://www.euronog.org/
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
