On Sun, Sep 12, 2010 at 10:59 PM, Harisfazillah Jamel
<[email protected]> wrote:
> Ihsan
>
> Thanks, this information keep me more want to dig in to know more....
>
> I dont know how far our ISP willing to help website owner during MSDOS
> - multi-source denial of service. (thanks Harish) I do hear ISP cancel
> an account and ask the owner to find other ISP. I believe that to goal
> of the attack. Making sure the ISP will cancel the owner account and
> no where to host it...
>

Do you mean DDoS or distributed denial-of-service attack right? Just
to make clear it's not "that" MSDOS
http://en.wikipedia.org/wiki/Denial-of-service_attack



> On Sun, Sep 12, 2010 at 7:55 PM, Ihsan Junaidi Ibrahim
> <[email protected]> wrote:
>> Additionally there's a third method but this relies on your provider
>> to manually drop every single suspected IPs attacking your resources.
>> Sure this is effective for probably 10 attackers but in case of
>> botnets, the attack is probably over by the time their done updating
>> their ACLs.
>>
>> On 12 September 2010 19:53, Ihsan Junaidi Ibrahim
>> <[email protected]> wrote:
>>> Salam,
>>>
>>> Stopping DDOS at the perimeter is not the solution in the case of DDOS
>>> targeting resources/bandwidth saturation. The only solution is to get
>>> your upstream provider to drop the malicious traffic in their network
>>> before it enters your network. This can be done by BGP blackhole
>>> (traditional way) or the more recent, flowspec. This is probably the
>>> only effective way against botnet-initiated DDOS attacks. If they have
>>> the resources, running their own BGP is always recommended.
>>>
>>> Dropping traffic within your network only works if you have an obscene
>>> amount of upstream bandwidth that can never, ever be saturated which
>>> is of course, is not a reality here in Malaysia.
>>>
>>> CDN works if the CDN provider have their own DDOS mitigation mechanism
>>> but I believe they are using either one of the 2 methods above. The
>>> first one is nasty, they'll blackhole all access to your designated
>>> IPs and the latter is much more refined but unsupported by many
>>> carriers.
>>>
>
> --
> Join Open Source Developers Club Malaysia http://www.osdc.my/
>
> Facebook Fan page
>
> http://www.facebook.com/group.php?gid=98685301577
>
> http://www.facebook.com/OSDC.my
>
> You received this message because you are subscribed to the Google
>
> Groups "OSDC.my Mailing List" group.
> To post to this group, send email to [email protected]
> To unsubscribe from this group, send email to
> [email protected]
> For more options, visit this group at
> http://groups.google.com/group/osdcmy-list?hl=en
>

-- 
Join Open Source Developers Club Malaysia http://www.osdc.my/

Facebook Fan page

http://www.facebook.com/group.php?gid=98685301577

http://www.facebook.com/OSDC.my

You received this message because you are subscribed to the Google

Groups "OSDC.my Mailing List" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/osdcmy-list?hl=en

Kirim email ke