Hello!
If you speaking about ISP "filtering" you should check your subnets
and ASN here: https://radar.qrator.net
I was really amazed amount of DDoS bots/amplificators in my network.
On Sun, Jan 11, 2015 at 6:47 PM, Michael Hallgren <m.hallg...@free.fr> wrote:
> Le 11/01/2015 14:50, Patrick W. Gilmore a écrit :
>> I agree with lots said here.
>>
>> But I've said for years (despite some people saying I am confused) that
>> BCP38 is the single most important thing we can do to cut DDoS.
>>
>> No spoofed source means no amplification. It also stops things like Kaminsky
>> DNS attacks.
>>
>> There is no silver bullet. Security is a series of steps ("layers" as one
>> highly respected security professional has in his .sig). But the most
>> important layer, the biggest bang for the buck we can do today, is
>> eliminated spoofed source.
>>
>> Push on your providers. Stop paying for transit from networks that do not
>> filter ingress, put it in your RFPs, and reward those who do with contracts.
>> Make it economically advantageous to fix the problem, and people will.
>
> +1
> mh
>>
>
--
Sincerely yours, Pavel Odintsov
