Many attacks can use spoofed source IPs, so who are you really blocking? That's why BCP38 as mentioned many times already is a necessary tool in fighting the attacks overall.
Phil On 1/11/15, 4:33 PM, "Mike Hammett" <[email protected]> wrote: >I didn't necessarily think I was shattering minds with my ideas. > >I don't have the time to read a dozen presentations. > >Blackhole them and move on. I don't care whose feelings I hurt. This >isn't kindergarten. Maybe "you" should have tried a little harder to not >get a virus in the first place. Quit clicking on male enhancement ads or >update your OS occasionally. I'm not going to spend a bunch of time and >money to make sure someone's bubble of bliss doesn't get popped. Swift, >effective, cheap. Besides, you're only cut off for 30 days. If in 30 days >you can prove yourself to be responsible, we can try this again. Well, >that or a sufficient support request. > >Besides, if enough people did hat, the list of blackholes wouldn't be >huge as someone upstream already blocked them. > > > > >----- >Mike Hammett >Intelligent Computing Solutions >http://www.ics-il.com > > > >----- Original Message ----- > >From: "Roland Dobbins" <[email protected]> >To: [email protected] >Sent: Sunday, January 11, 2015 9:29:33 AM >Subject: Re: DDOS solution recommendation > > >On 11 Jan 2015, at 22:21, Mike Hammett wrote: > >> I'm not saying what you're doing is wrong, I'm saying whatever the >> industry as a whole is doing obviously isn't working and perhaps a >> different approach is required. > >You haven't recommended anything new, and you really need to do some >reading in order to understand why it isn't as simple as you seem to >think it is. > >> Security teams? My network has me, myself and I. > >And a relatively small network, too. > >> If for example ChinaNet's abuse department isn't doing anything about >> complains, eventually their whole network gets blocked a /32 at a >> time. *shrugs* Their loss. > >Again, it isn't that simple. > >----------------------------------- >Roland Dobbins <[email protected]> >

