-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Great question. I definitely want to take a stab at this one.
First all of if you are worried about redundancy you could get a back
up line and run bgp. That might be a little too complex for this
scenario so my other answers follow the posters questions.
Snip "the T1 router... So if 1.5M is flooding in basically we are out
of luck."
You sure are. That is the probably with d0s attacks it really comes
down to mine is bigger then yours (and yes folks mine is big ;)
Absolutely kidding.
Snip "The question I have is: Is there any way to help this
situation?"
Redundant Internet Connections or there are people out there who
make anti ddos products (though I have not tested nor read reviews
of these so I don't know how effective they are"
Snip "How possible is it for us to put a firewall BEFORE the T1 line
to block all of this before it hits our poor little line, or would
this even help? I don't know if this would even be possible?"
Routers have to come before the firewall. I don't think you can put
a firewall in front of a router though I might be wrong. Regardless
you could have the best firewall in the world (netscreen, pitbull
argus, blah blah blah) and if the person has a bigger pipe then you
he can knock you off. Best thing to do is contact upstream isp's
(good luck).
Snip "Is there some sort of way we can have a fallback line incase
this
happens, and just move all of our ip addresses over to another t1
while
this is happening to this one computer, so its only getting attacked
and
not EVERY server we have on that line?"
BGP Redudnant Lines. Not sure if your company can afford that
or has the expertise to implement it.
HTH,
Leon
UIN: 8031369 for people who want to chat via icq
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQA/AwUBPGv7BdqAgf0xoaEuEQJYDQCgsXmEYdDsYAXlDgLHqi8R/Gq5/q8AoI9L
yV12z2cyd+KpLHpk2J1kDLHi
=EAaX
-----END PGP SIGNATURE-----
