Dear nanog members,
As current maintainer of DroneBL I happen to receive a lot of unwanted
packets in the form of DDoS attacks, now the DDoS itself is not the real
problem, dealing with it the fast way is.
Now most of you would think: Just filter it, put a big firewall in front
of it, bla bla
On Sun, 13 Mar 2011, Alexander Maassen wrote:
Why o why are isp's and hosters so ignorant in dealing with such issues
and act like they do not care?
they don't act like they do not care. they really *don't* care. no acting.
1) you're not a direct customer, why should they do anything? by
Why o why are isp's and hosters so ignorant in dealing with such issues
and act like they do not care?
they don't act like they do not care. they really *don't* care. no acting.
Well now, I'd say this varies considerably. There are definitely ISPs
that care and *do* work hard at reducing
On Sun, 13 Mar 2011 05:39:02 -0700 (PDT)
goe...@anime.net wrote:
On Sun, 13 Mar 2011, Alexander Maassen wrote:
Why o why are isp's and hosters so ignorant in dealing with such
issues and act like they do not care?
they don't act like they do not care. they really *don't* care. no
acting.
* Alexander Maassen:
In most cases the only thing the abuse@ contacts do as hoster, is relay
the mail to the client but do not dare to do anything themself, even if
you provide them with a shitload of logs, even if you call them and say
that the attack from their source is still continueing,
On 3/13/2011 8:39 AM, goe...@anime.net wrote:
On Sun, 13 Mar 2011, Alexander Maassen wrote:
Why o why are isp's and hosters so ignorant in dealing with such issues
and act like they do not care?
they don't act like they do not care. they really *don't* care. no
acting.
1) you're not a
On Sun, Mar 13, 2011 at 7:45 AM, Alexander Maassen
outsi...@scarynet.org wrote:
In most cases the only thing the abuse@ contacts do as hoster, is relay
the mail to the client but do not dare to do anything themself, even if
The RIPE IRR database contains a systemic means for operators,
On 3/13/11 8:36 AM, Andrew Kirch wrote:
On 3/13/2011 8:39 AM, goe...@anime.net wrote:
On Sun, 13 Mar 2011, Alexander Maassen wrote:
Why o why are isp's and hosters so ignorant in dealing with such issues
and act like they do not care?
they don't act like they do not care. they really *don't*
On Sat, Mar 12, 2011 at 8:44 PM, Jeff Wheeler j...@inconcepts.biz wrote:
On Sat, Mar 12, 2011 at 7:27 PM, William Herrin b...@herrin.us wrote:
That must be my mistake then, because I thought the exercise was
building it in a way that it stays built for the maximum practical
number of years.
Please ping me off list. I'm in urgent need of escalation of a xcon.
Thx
Chris
cmcdon...@pccwglobal.com
--
Sent from my mobile device
On 3/13/11 7:45 AM, Alexander Maassen wrote:
Why o why are isp's and hosters so ignorant in dealing with such issues
and act like they do not care?
Because network operators rarely get together and turn off routing to
abusive hosting. On the few occasions that has happened, it took years
of
On Sun, Mar 13, 2011 at 1:27 PM, Christopher Morrow
morrowc.li...@gmail.com wrote:
there's probably a different need in TOR and BO/SOHO locations than
core devices, eh?
In today's backbone, this is certainly true. Feature-driven upgrades
shouldn't be much of a factor for P boxes today, because
On Sun, Mar 13, 2011 at 2:11 PM, Jeff Wheeler j...@inconcepts.biz wrote:
On Sun, Mar 13, 2011 at 1:27 PM, Christopher Morrow
morrowc.li...@gmail.com wrote:
there's probably a different need in TOR and BO/SOHO locations than
core devices, eh?
In today's backbone, this is certainly true.
On 3/13/11 7:02 AM, sth...@nethelp.no wrote:
Well now, I'd say this varies considerably. There are definitely ISPs
that care and*do* work hard at reducing abuse. But even so - assuming
I'm an ISP that cares,
- You're presenting me with evidence of abuse. OK, I don't know you.
Why should I
On 3/13/2011 1:24 PM, Joel Jaeggli wrote:
On 3/13/11 8:36 AM, Andrew Kirch wrote:=
Is it time for another notion of self-defense in responding
to/retaliating against a DDoS attack of sufficient strength to hold down
a large network, or resource?
Because there just aren't enough internet
* Jeff Wheeler:
On Sun, Mar 13, 2011 at 7:45 AM, Alexander Maassen
outsi...@scarynet.org wrote:
In most cases the only thing the abuse@ contacts do as hoster, is relay
the mail to the client but do not dare to do anything themself, even if
The RIPE IRR database contains a systemic means for
On Sun, Mar 13, 2011 at 3:42 PM, Christopher Morrow
morrowc.li...@gmail.com wrote:
not everyone drinks the mpls koolaide... so it's not always 'just a
label switch' and depending upon how large your PE mesh is, there are
If it isn't just a label switch, then features can (and sometimes do)
On Sun, Mar 13, 2011 at 5:33 PM, Florian Weimer f...@deneb.enyo.de wrote:
Not that the IRTs are often not the party you want to talk to anyway.
This is why my post highlights the underlying mechanism/system. It
can and should be used to streamline DDoS mitigation. It is
unfortunately not in
On Sun, 13 Mar 2011, Jeff Wheeler wrote:
So ultimately, there is already a good framework in place to
substantially fix this problem. No one uses it. That is unlikely
to change until there is an economic incentive, such as a lawsuit by
someone targeted by DoS which can be proven to be
On 13-3-2011 18:31, William Allen Simpson wrote:
On 3/13/11 7:45 AM, Alexander Maassen wrote:
Why o why are isp's and hosters so ignorant in dealing with such issues
and act like they do not care?
So, part of the problem is *your* upstream. Why didn't your upstream
actively remove the
On Sun, 13 Mar 2011, Alexander Maassen wrote:
On 13-3-2011 18:31, William Allen Simpson wrote:
On 3/13/11 7:45 AM, Alexander Maassen wrote:
Why o why are isp's and hosters so ignorant in dealing with such issues
and act like they do not care?
So, part of the problem is *your* upstream. Why
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 03/13/2011 05:34 PM, goe...@anime.net wrote:
On Sun, 13 Mar 2011, Alexander Maassen wrote:
On 13-3-2011 18:31, William Allen Simpson wrote:
On 3/13/11 7:45 AM, Alexander Maassen wrote:
Why o why are isp's and hosters so ignorant in dealing
In a message written on Sun, Mar 13, 2011 at 12:45:04PM +0100, Alexander
Maassen wrote:
Why o why are isp's and hosters so ignorant in dealing with such issues
and act like they do not care?
One of the things you have to remember is that ISP's get a ton of
reports, and most of them are of very
Op 14-3-2011 0:21, Leo Bicknell schreef:
Quite frankly, most ISP's aren't going to take your DDOS report
seriously via e-mail. If it's not bad enough to you that it is
worth your time and money to make a phone call and help them track
it down it is not worth their time and money to track
On Sun, 13 Mar 2011, Leo Bicknell wrote:
Quite frankly, most ISP's aren't going to take your DDOS report
seriously via e-mail. If it's not bad enough to you that it is
worth your time and money to make a phone call and help them track
it down it is not worth their time and money to track it
Depends on what you're yelling at them about and what you tell them.
I've picked up the phone and had a NOC guy at a russian SP (can't
remember which, Caravan I think) kill off a syn flood that was hitting
us promptly, at like 1 AM their time.
On Mon, Mar 14, 2011 at 7:05 AM, goe...@anime.net
On Sun, Mar 13, 2011 at 5:40 PM, Jeff Wheeler j...@inconcepts.biz wrote:
On Sun, Mar 13, 2011 at 3:42 PM, Christopher Morrow
morrowc.li...@gmail.com wrote:
not need that info, but the edge likely does, yes? Have 100g customers
today? planning on having them in the next ~8/12/18 months?
If
27 matches
Mail list logo