I don't know of any internet access services that provide a SLA against DDoS.
Jeff On Fri, Jul 10, 2009 at 10:57 PM, Christopher Morrow<morrowc.li...@gmail.com> wrote: > On Fri, Jul 10, 2009 at 6:38 PM, Jeffrey > Lyon<jeffrey.l...@blacklotus.net> wrote: >> Fact: Filtering TCP/80 attacks is a 3 to 4 figure job, sometimes even 5 >> figure. > > I was actually being serious, it's not, it doesn't have to, and in the > case that started this discussion it probably would have been > sufficient to just drop tcp/80 to his link since I would be it's > 'business dsl' so he gets an 'SLA' not so he can run a business > critical web service there. > > There are services you can buy that are a lot more expensive, but why > would you? if there are options that are more relevant and cheaper... > and in line with what you want. You can certainly pay more if you want > to, I'm not sure that's the smart choice though. > > -Chris > >> On Fri, Jul 10, 2009 at 6:16 PM, Christopher >> Morrow<morrowc.li...@gmail.com> wrote: >>> On Fri, Jul 10, 2009 at 5:49 PM, Luan Nguyen<l...@netcraftsmen.net> wrote: >>>> Filter like in using the Cisco Guard of sort, to send the good traffic back >>>> to the customers? And that service is <cough>free through vzb?</cough> >>> >>> as in: "find some way to keep the customer alive and kicking" >>> >>> which might be: >>> 1) null route bad destination if no one cares about it >>> 2) acl the traffic upstream if it's not to something you care about >>> (but need the ip to work) >>> 3) guard/mitigate traffic and redeliver (which has some limitations or did) >>> >>> all of that is free to 701 customers, yes. if you have to get to step3 >>> more than a few times I'm sure sales will want you to pay, since that >>> part isn't 'free' to the company. >>> >>> point being, dropping tcp/80 syn traffic isn't hard, and it's >>> routinely done at customer request. (or was when I was doing it there) >>> >>> -chris >>> >>> ---------------------------------- >>>> >>>> >>>> -----Original Message----- >>>> From: Christopher Morrow [mailto:morrowc.li...@gmail.com] >>>> Sent: Friday, July 10, 2009 5:40 PM >>>> To: Jeffrey Lyon >>>> Cc: nanog@nanog.org; Charles Wyble >>>> Subject: Re: Request for contact and procedure information >>>> >>>> On Fri, Jul 10, 2009 at 5:12 PM, Jeffrey >>>> Lyon<jeffrey.l...@blacklotus.net> wrote: >>>>> Would what? Null route the IP? I'm talking about actually filtering the >>>>> attack. >>>> >>>> as was I. (talking about filtering the attack) >>>> >>>>> On Jul 10, 2009 5:10 PM, "Christopher Morrow" <morrowc.li...@gmail.com> >>>>> wrote: >>>>> >>>>> On Fri, Jul 10, 2009 at 2:11 AM, Jeffrey Lyon<jeffrey.l...@blacklotus.net> >>>>> wrote: > All, > > There a... >>>>> >>>>> <cough>uunet/vzb would/will</cough> >>>>> >>>>> (for free most times even) >>>>> >>>> >>>> >>> >> >> >> >> -- >> Jeffrey Lyon, Leadership Team >> jeffrey.l...@blacklotus.net | http://www.blacklotus.net >> Black Lotus Communications of The IRC Company, Inc. >> >> Look for us at HostingCon 2009 in Washington, DC on August 10th - 12th >> at Booth #401. >> > -- Jeffrey Lyon, Leadership Team jeffrey.l...@blacklotus.net | http://www.blacklotus.net Black Lotus Communications of The IRC Company, Inc. Look for us at HostingCon 2009 in Washington, DC on August 10th - 12th at Booth #401.
