On Sun, Sep 12, 2010 at 10:59 PM, Harisfazillah Jamel <[email protected]> wrote: > Ihsan > > Thanks, this information keep me more want to dig in to know more.... > > I dont know how far our ISP willing to help website owner during MSDOS > - multi-source denial of service. (thanks Harish) I do hear ISP cancel > an account and ask the owner to find other ISP. I believe that to goal > of the attack. Making sure the ISP will cancel the owner account and > no where to host it... >
Do you mean DDoS or distributed denial-of-service attack right? Just to make clear it's not "that" MSDOS http://en.wikipedia.org/wiki/Denial-of-service_attack > On Sun, Sep 12, 2010 at 7:55 PM, Ihsan Junaidi Ibrahim > <[email protected]> wrote: >> Additionally there's a third method but this relies on your provider >> to manually drop every single suspected IPs attacking your resources. >> Sure this is effective for probably 10 attackers but in case of >> botnets, the attack is probably over by the time their done updating >> their ACLs. >> >> On 12 September 2010 19:53, Ihsan Junaidi Ibrahim >> <[email protected]> wrote: >>> Salam, >>> >>> Stopping DDOS at the perimeter is not the solution in the case of DDOS >>> targeting resources/bandwidth saturation. The only solution is to get >>> your upstream provider to drop the malicious traffic in their network >>> before it enters your network. This can be done by BGP blackhole >>> (traditional way) or the more recent, flowspec. This is probably the >>> only effective way against botnet-initiated DDOS attacks. If they have >>> the resources, running their own BGP is always recommended. >>> >>> Dropping traffic within your network only works if you have an obscene >>> amount of upstream bandwidth that can never, ever be saturated which >>> is of course, is not a reality here in Malaysia. >>> >>> CDN works if the CDN provider have their own DDOS mitigation mechanism >>> but I believe they are using either one of the 2 methods above. The >>> first one is nasty, they'll blackhole all access to your designated >>> IPs and the latter is much more refined but unsupported by many >>> carriers. >>> > > -- > Join Open Source Developers Club Malaysia http://www.osdc.my/ > > Facebook Fan page > > http://www.facebook.com/group.php?gid=98685301577 > > http://www.facebook.com/OSDC.my > > You received this message because you are subscribed to the Google > > Groups "OSDC.my Mailing List" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/osdcmy-list?hl=en > -- Join Open Source Developers Club Malaysia http://www.osdc.my/ Facebook Fan page http://www.facebook.com/group.php?gid=98685301577 http://www.facebook.com/OSDC.my You received this message because you are subscribed to the Google Groups "OSDC.my Mailing List" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/osdcmy-list?hl=en

