Re: Getting hit hard by CHINANET

2015-03-17 Thread Paul S.
On 3/18/2015 午後 02:44, Mark Tinka wrote: On 18/Mar/15 07:31, Paul S. wrote: All 6 of my upstreams (Most of them tier 1s, except Internap which is a tier 3?) have cooperated just fine in blocking problematic IPs if needed in emergencies. In the data plane for the link facing you, or through

Re: Getting hit hard by CHINANET

2015-03-17 Thread Mark Tinka
On 18/Mar/15 08:19, Roland Dobbins wrote: The assumption is that that OP is an end-customer/endpoint network, and willing to pay for same, if necessary. My general experience is that customers are not willing to pay for implementation of data plane filters. They'd be willing to pay for t

Re: Getting hit hard by CHINANET

2015-03-17 Thread Mike Hale
I null route those IPs that stand out above the background noise at our edge. Seems to work relatively well so far. I do have a request for Roland. Would you mind sharing more details on what you've seen regarding the various miscreants screwing with each others' devices? On Tue, Mar 17, 2015 a

Re: Getting hit hard by CHINANET

2015-03-17 Thread Roland Dobbins
On 18 Mar 2015, at 12:26, Mark Tinka wrote: I'm actually curious how many transit providers would implement data plane filters on their side to block source traffic bound for their downstreams. The assumption is that that OP is an end-customer/endpoint network, and willing to pay for same,

Re: Getting hit hard by CHINANET

2015-03-17 Thread Colin Johnston
use block firewall country flags, use strict packet compliance checking, dont bother with abuse email comms as is ignored, mentioned to trade missions but ignored colin Sent from my iPhone > On 17 Mar 2015, at 02:06, Terrance Devor wrote: > > Hello Everyone, > > I really hope this is not ag

Re: Getting hit hard by CHINANET

2015-03-17 Thread Mark Tinka
On 18/Mar/15 07:31, Paul S. wrote: All 6 of my upstreams (Most of them tier 1s, except Internap which is a tier 3?) have cooperated just fine in blocking problematic IPs if needed in emergencies. In the data plane for the link facing you, or through RTBH? Mark.

Re: Getting hit hard by CHINANET

2015-03-17 Thread Paul S.
All 6 of my upstreams (Most of them tier 1s, except Internap which is a tier 3?) have cooperated just fine in blocking problematic IPs if needed in emergencies. I did not have to argue. On 3/18/2015 午後 02:26, Mark Tinka wrote: On 18/Mar/15 04:13, Roland Dobbins wrote: Also, asking your u

Re: Getting hit hard by CHINANET

2015-03-17 Thread Mark Tinka
On 18/Mar/15 04:13, Roland Dobbins wrote: Also, asking your upstreams/peers to block traffic sourced from this IP to your netblock(s) on their networks. I'm actually curious how many transit providers would implement data plane filters on their side to block source traffic bound for their

Re: Getting hit hard by CHINANET

2015-03-17 Thread Roland Dobbins
On 18 Mar 2015, at 9:13, Roland Dobbins wrote: Also, asking your upstreams/peers to block traffic sourced from this IP to your netblock(s) on their networks. It would also be a good idea to ensure that your systems which are being targeted aren't themselves compromised, and being used by mis

Re: Getting hit hard by CHINANET

2015-03-17 Thread Roland Dobbins
On 17 Mar 2015, at 9:06, Terrance Devor wrote: Do we have any options? S/RTBH and/or ACLs at your transit/peering edge, for starters: Also, asking your upstreams/peers to block traffic sourced from this IP to your netblock(s) on their networks.

Re: Getting hit hard by CHINANET

2015-03-17 Thread Christopher Morrow
On Mon, Mar 16, 2015 at 10:06 PM, Terrance Devor wrote: > Hello Everyone, > > I really hope this is not against group policy etc.. however our network is > being hit > hard by a China IP for the past 6 months. Our systems our up to date, > passwordless > ssh etc.. but they're DOS attempts are gett

Getting hit hard by CHINANET

2015-03-17 Thread Terrance Devor
Hello Everyone, I really hope this is not against group policy etc.. however our network is being hit hard by a China IP for the past 6 months. Our systems our up to date, passwordless ssh etc.. but they're DOS attempts are getting more and more aggressive. Tried to contact their phone number to n

Request for clueful person at Apple's mail operation

2015-03-17 Thread Rich Brown
Folks, A number of colleagues have been having delayed or rejected mail deliveries (with "451 4.5.3 Too many rejections; try again later." messages) since Saturday morning. Apple's front-line iCloud support people have been helpful, but not terribly clued in. Could someone contact me off-list

RIPE 70 draft programme and CFP 2nd deadline 12 april 2015

2015-03-17 Thread Benno Overeinder
Dear colleagues, Following the past submission deadline, a Draft Programme for RIPE 70 is now published at: https://ripe70.ripe.net/programme/meeting-plan/draft-programme/ We will accept new proposals until 12 April 2015 for the remaining few slots. You can find the Call for Presentations and g