My experience has been that they're willing but they probably will not go the extra mile i.e. identifying the sources, putting ACLs all over their peering routers etc unless you're being persistent. I've heard of cases that if pushes come to shoves, ISPs are no longer willing to assume the risks of being attacked constantly so they probably can have the option to cancel the account.
A good colo or server provider are probably those who run their own BGP, advertise their own or delegated IP addresses and have visibility of their own network. Those attributes are rare in Malaysia. So if one runs a service that is bound to attract a lot of unwanted attentions, it's probably a bit more expensive to do it here. On 12 September 2010 22:59, Harisfazillah Jamel <[email protected]> wrote: > Ihsan > > Thanks, this information keep me more want to dig in to know more.... > > I dont know how far our ISP willing to help website owner during MSDOS > - multi-source denial of service. (thanks Harish) I do hear ISP cancel > an account and ask the owner to find other ISP. I believe that to goal > of the attack. Making sure the ISP will cancel the owner account and > no where to host it... > > On Sun, Sep 12, 2010 at 7:55 PM, Ihsan Junaidi Ibrahim > <[email protected]> wrote: >> Additionally there's a third method but this relies on your provider >> to manually drop every single suspected IPs attacking your resources. >> Sure this is effective for probably 10 attackers but in case of >> botnets, the attack is probably over by the time their done updating >> their ACLs. >> >> On 12 September 2010 19:53, Ihsan Junaidi Ibrahim >> <[email protected]> wrote: >>> Salam, >>> >>> Stopping DDOS at the perimeter is not the solution in the case of DDOS >>> targeting resources/bandwidth saturation. The only solution is to get >>> your upstream provider to drop the malicious traffic in their network >>> before it enters your network. This can be done by BGP blackhole >>> (traditional way) or the more recent, flowspec. This is probably the >>> only effective way against botnet-initiated DDOS attacks. If they have >>> the resources, running their own BGP is always recommended. >>> >>> Dropping traffic within your network only works if you have an obscene >>> amount of upstream bandwidth that can never, ever be saturated which >>> is of course, is not a reality here in Malaysia. >>> >>> CDN works if the CDN provider have their own DDOS mitigation mechanism >>> but I believe they are using either one of the 2 methods above. The >>> first one is nasty, they'll blackhole all access to your designated >>> IPs and the latter is much more refined but unsupported by many >>> carriers. >>> > > -- > Join Open Source Developers Club Malaysia http://www.osdc.my/ > > Facebook Fan page > > http://www.facebook.com/group.php?gid=98685301577 > > http://www.facebook.com/OSDC.my > > You received this message because you are subscribed to the Google > > Groups "OSDC.my Mailing List" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/osdcmy-list?hl=en -- Thank you for your time, Ihsan Junaidi Ibrahim -- Join Open Source Developers Club Malaysia http://www.osdc.my/ Facebook Fan page http://www.facebook.com/group.php?gid=98685301577 http://www.facebook.com/OSDC.my You received this message because you are subscribed to the Google Groups "OSDC.my Mailing List" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/osdcmy-list?hl=en

