I don't see why they didn't just block the attack. It must be more then this.
On Tue, Mar 9, 2010 at 8:21 AM, Dobbins, Roland <[email protected]> wrote: > > On Mar 9, 2010, at 11:01 PM, <[email protected]> wrote: > > > Oh, I didn't say they didn't exist. > > A good way to get started w/scalable DDoS mitigation is to implement S/RTBH > on one's hardware-based edge routers, and then make use of open-source > NetFlow tools for visibility. > > There are commercial solutions as well - in the interests of full > disclosure (pardon the pun, heh), I work for a vendor of such intelligent > DDoS mitigation (IDMS) solutions. > > These slides may be of interest in hardening/leveraging one's network > infrastructure and gaining the ability to > detect/classify/traceback/mitigate DDoS: > > <http://files.me.com/roland.dobbins/k54qkv> > > <http://files.me.com/roland.dobbins/prguob> > > <http://files.me.com/roland.dobbins/k4zw3x> > > <http://files.me.com/roland.dobbins/dweagy> > > There was also a relevant talk at the latest NANOG (a synopsis of > discussions on nanog-l and cisco-nsp): > > < > http://www.nanog.org/meetings/nanog48/presentations/Monday/Kaeo_FilterTrend_ISPSec_N48.pdf > > > > and other relevant presentations at various NANOGs in the past. > > To answer the previous respondent's question, Cisco acquired Riverhead and > its Guard in early 2004: > > < > http://www.cisco.com/en/US/prod/collateral/modules/ps2706/end_of_life_c51-573493.html > > > > I also highly recommend this book by Dave Smith and Gregg Schudel of Cisco > - it's the best (and only!) book on real-world opsec out there, available in > dead-tree, Kindle, and Adobe Reader formats: > > < > http://www.amazon.com/Router-Security-Strategies-Securing-Network/dp/1587053365/ref=sr_1_1?ie=UTF8&s=books&qid=1262667257&sr=8-1 > > > > [Full disclosure again; I'm cited in the book, but received and continue to > receive no renumeration of any kind due to same.] > > But before going the commercial route, folks should work on hardening their > hosts/OSes/apps and leveraging their existing infrastructure and open-source > as noted in the presentations above - in many cases, this is all that's > needed, as outlined here: > > <http://mailman.nanog.org/pipermail/nanog/2010-January/016747.html> > > ----------------------------------------------------------------------- > Roland Dobbins <[email protected]> // <http://www.arbornetworks.com> > > Injustice is relatively easy to bear; what stings is justice. > > -- H.L. Mencken > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- http://www.miami-criminallaw.com/practice-areas/cyber-crimes --
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
