> > What processes and/or tools are large networks using to > > identify and limit the impact of DDoS attacks? > > A great deal of thought is being expended on this question, I am certain, > however, how many of these thought campaings have born significant fruit yet, > I do not know.
How about the following : We develop a new community , being fully transitive (666 would be appropriate ) and either build into router code or create a route map to null route anything that contains this community. The effect of this being the distribution of the force of the attack. This aside, how effective would be using a no export community with ones peers (being non transitive, it would still distribute the force of the attack).