Jeff, Your CDN should have the conversation, it should never hit the list. Google is not the only place that CF bumps heads on the network edge. There have been similar discussions on other cloud providers.
Google is doing some things with security through obscurity. Which sucks. They are also good about telling the people they have peering arrangements the rules. Akamai won't bump in to this because they are whitelisted. Limelight, same deal. Also since a CDN should be handling DDOS detection, they should be keeping you from encountering this. The hoops I had to go through to get on the Azure white list... And I was a former MSFT employee, working on making that work for a Tier 1 MSFT partner at the time. (3 letters start with an A ends with a T) As to DDoS-ing via the CDN... that worries me less on a daily basis than the things I know about ways to crush a GAE instance that don't require a DDoS because a single machine (or another appengine instance) can generate 10k times more load than it puts on the attackers machine... That bothers me. (and the same attack works even better on CF because the same flaw exists in them, it is not in LimeLight, Akamai you can fix it if you set things "wrong") -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
