We've certainly never done this as a permanent solution. Blocking IPs or ranges at the firewall wouldn't do much under a heavy DDOS, by the time the traffic is there it's probably saturating other parts of the hosts network.
Better avenue would be to null route the destination IP on the edge routers and work with upstream providers to determine the source and have them block and/or shutdown the source. Null routing mitigates most of the effect of the DDOS on the rest of your network. Either way blocking at the firewall or null routing destinations would be temporary until the upstream provider could deal with things. I'd bet $1.50 that your host really doesn't understand mitigation or is hosting in another providers data center and doesn't have access to the core network gear. Also sounds like maybe they've had other customers complain about spam from specific IPs and did this as a quick fix. Byron Mann Lead Engineer and Architect HostMySite.com On Wed, May 2, 2012 at 8:51 AM, Robert Harrison <rob...@austin-williams.com>wrote: > > I have a host who, for the most part, I am satisfied with. However, he is > in the habit of blocking IP ranges for various reasons... DDOS attacks, > repeated port scans, etc. I've had complaints from some of my clients who > do international business that some people cannot access their sites other > parts of the world, like places in Asia, the Middle East, South and Central > America, etc. I'm not surprised at the complaints. > > Is this a normal practice, or is this host over-zealous? > > > > Robert Harrison > Director of Interactive Services > > Austin & Williams > Advertising I Branding I Digital I Direct > 125 Kennedy Drive, Suite 100 I Hauppauge, NY 11788 > T 631.231.6600 X 119 F 631.434.7022 > http://www.austin-williams.com > > Blog: http://www.austin-williams.com/blog > Twitter: http://www.twitter.com/austin_ > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:350968 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
