Source based black holing would work in this case providing it was done at GoDaddy's edge. On 3 Aug 2015 01:58, "Mel Beckman" <[email protected]> wrote:
> Blackholing isn't what you want. That will still permit his source IP into > your network, and only blackhole replies from your network, so the attack > will still consume bandwidth. What you should request is a source IP ACL > blocking that address at your upstream' border. > > BGP is no help in these situations, unless you use a BGP-based DDoS > protection service. > > -mel beckman > > On Aug 2, 2015, at 5:17 PM, Jason LeBlanc <[email protected] > <mailto:[email protected]>> wrote: > > Thanks Mel. You are not being difficult, I meant DoS. The network I > inherited doesn't have BGP yet so I have asked our upstream to blackhole it > and I emailed abuse neither have happened yet. I do block it but that's > after it hits our side. > > //Jason > > From: Mel Beckman <[email protected]<mailto:[email protected]>> > Date: Sunday, August 2, 2015 at 4:20 PM > To: Jason LeBlanc <[email protected]<mailto: > [email protected]>> > Cc: NANOG <[email protected]<mailto:[email protected]>> > Subject: Re: GoDaddy : DDoS :: Contact > > Not to be difficult, but how can it be a DDoS attack if it's coming from a > single IP? Normally you would just block this IP at your borders or ask > your upstreams to do so before it consumes your bandwidth. You still want > to get GoDaddy to address the problem, of course, but you should do that > via their [email protected]<mailto:[email protected]> contact, or their > abuse page at https://supportcenter.godaddy.com/AbuseReport/Index (submit > via the "malware" button). > > -mel > > On Aug 2, 2015, at 12:59 PM, Jason LeBlanc <[email protected] > <mailto:[email protected]>> wrote: > > My company is being DDoS'd by a single IP from a GoDaddy customer. > > I havent had success with the [email protected]<mailto:[email protected]> > email. Was hoping someone > that could help might be watching the list and could contact me off-list. > > > //Jason > > >
