I like Jack's point. Setting up your DNS with Cloudflare is half of the solution. The other half (as he mentioned) is getting new IP addresses, since the bad guys already know the old IP addresses.
We have also noticed FAR fewer attacks on our servers since switching to Cloudflare. Attacks have gone down more than 90% on the servers protected (proxied) by Cloudflare. (It is probably more like 99%). Chris On Wed, Feb 18, 2015 at 12:28 PM, Csaba Toth <csaba.toth...@gmail.com> wrote: > The problem is often it's not that easy to block the traffic. In case of > DNS amplification you maybe able to block some DNS servers (there's a list > of them which can be used for amplification). But if the attackers rented a > botnet, then the packets can come from everywhere. > > On Wed, Feb 18, 2015 at 7:07 AM, Drew from Zhrodague < > drewzhroda...@zhrodague.net> wrote: > >> On 2/18/15 1:06 AM, Jack Coats wrote: >> >>> My suggestion is basically 'all of the above'. >>> --------------------- >>> Set up with cloudflare, update DNS to point to cloud flare, get new IP's >>> and point cloud flare to it. >>> Also notify CERT and FBI. >>> >> >> Luckily, Pittsburgh, where I now live, has the NCFTA, which is >> related in some way to the FBI. Nice guys down there. >> >> An easy solution to being DDOS'd, is to call your upstream >> provider, and ask them nicely to block the offending traffic. This worked >> great for me inside AWS when we pissed off a bunch of kids, and they tried >> to shut us down. One phone call, and they blocked that traffic at their >> border routers. >> >> >> -- >> >> Drew from Zhrodague >> post-apocalyptic ad-hoc industrialist >> d...@zhrodague.net >> >> -- >> -- >> You received this message because you are subscribed to the Google Groups >> "NLUG" group. >> To post to this group, send email to nlug-talk@googlegroups.com >> To unsubscribe from this group, send email to nlug-talk+unsubscribe@ >> googlegroups.com >> For more options, visit this group at http://groups.google.com/ >> group/nlug-talk?hl=en >> >> --- You received this message because you are subscribed to the Google >> Groups "NLUG" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to nlug-talk+unsubscr...@googlegroups.com. >> For more options, visit https://groups.google.com/d/optout. >> > > -- > -- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To post to this group, send email to nlug-talk@googlegroups.com > To unsubscribe from this group, send email to > nlug-talk+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/nlug-talk?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to nlug-talk+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
