odels we get are in the low 5 figures for each one.
> -Adam
>
> From: AF mailto:af-boun...@af.afmug.com>> On Behalf
> Of TJ Trout
> Sent: Tuesday, March 21, 2023 3:08 PM
> To: AnimalFarm Microwave Users Group <mailto:af@af.afmug.com>>
> Subject: Re: [AFMUG] DDOS
&
Well that’s a better deal than A10. I don’t write the checks, but I think the
A10 models we get are in the low 5 figures for each one.
-Adam
From: AF On Behalf Of TJ Trout
Sent: Tuesday, March 21, 2023 3:08 PM
To: AnimalFarm Microwave Users Group
Subject: Re: [AFMUG] DDOS
And anyone
And anyone not running automated mitigation, I would highly recommend Mke
solutions, he charges only a few hundred dollars to get you up and running,
just provide a VM or hardware.
On Tue, Mar 21, 2023, 12:05 PM TJ Trout wrote:
> Nice, fastnetmon or something else?
>
> If your running
RTBH and change the CGNAT config.
Josh Luthman
24/7 Help Desk: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Wed, Jan 20, 2021 at 8:47 PM Matt Hoppes <
mattli...@rivervalleyinternet.net> wrote:
> That's what I've done... stops it in about 1 minute, but at the
;
> --
> *From: *"Zach Underwood"
> *To: *"AnimalFarm Microwave Users Group"
> *Sent: *Wednesday, January 20, 2021 8:23:43 PM
> *Subject: *Re: [AFMUG] DDOS on cgnat
>
> Remote ddos protection has a few points. The below applies to
s Group"
Sent: Wednesday, January 20, 2021 8:23:43 PM
Subject: Re: [AFMUG] DDOS on cgnat
Remote ddos protection has a few points. The below applies to ddos protection
that can not normally be in the traffic flow.
1. It can break ipsec tunnels that where setup prior to the mitigation. We stay
Remote ddos protection has a few points. The below applies to ddos
protection that can not normally be in the traffic flow.
1. It can break ipsec tunnels that where setup prior to the mitigation. We
stay this alot at arbor, it is do to when the ipsec tunnel comes up the mtu
becomes fixed. When you
You can get psychz gre tunnel + bgp and announce the whole /24 out the
tunnel and stop anounce on regular transit.
This acts like another dia + scrubbing over your existing transit via gre
On Wed, Jan 20, 2021, 5:50 PM Dev wrote:
> If you do BGP you can send it to a black hole, otherwise if
If you do BGP you can send it to a black hole, otherwise if the link is truly
saturated and unusable, you’ll probably be talking upstream to someone who can
help. Later you can buy proxy scrubbing services or get an Arbor box, but that
probably doesn’t help you now.
> On Jan 20, 2021, at 3:55
That's what I've done... stops it in about 1 minute, but at the expense
of traffic flowing.
On 1/20/21 8:36 PM, Zach Underwood wrote:
In that case you really only have one option announce a black hole to
your upstreams and complete the ddos attack.
On Wed, Jan 20, 2021, 8:20 PM Matt Hoppes
In that case you really only have one option announce a black hole to your
upstreams and complete the ddos attack.
On Wed, Jan 20, 2021, 8:20 PM Matt Hoppes
wrote:
> In this case they overwhelmed our circuit... and it was destined to the
> CGNAT box NAT IP.
>
> On 1/20/21 7:39 PM, Zach
In this case they overwhelmed our circuit... and it was destined to the
CGNAT box NAT IP.
On 1/20/21 7:39 PM, Zach Underwood wrote:
If you have enough to bring the good and attack traffic into your
network the arbor boxes can filter out all of the attack traffic allow
the ip and it's traffic
If you have enough to bring the good and attack traffic into your network
the arbor boxes can filter out all of the attack traffic allow the ip and
it's traffic to stay online.
On Wed, Jan 20, 2021, 7:28 PM Chuck McCown via AF wrote:
> What does that do?
>
> Sent from my iPhone
>
> On Jan 20,
What does that do?
Sent from my iPhone
> On Jan 20, 2021, at 5:04 PM, Zach Underwood wrote:
>
>
> If you have bandwidth send all of the traffic into an arbor box. I have seen
> them do some amazing things.
>
>
>
> Disclaimer I use to for work for arbor/netscout but I am no longer there.
If you have bandwidth send all of the traffic into an arbor box. I have
seen them do some amazing things.
Disclaimer I use to for work for arbor/netscout but I am no longer there.
On Wed, Jan 20, 2021, 6:56 PM Matt Hoppes
wrote:
> Any ideas how to mitigate DDOS attacks when you’re on CGNAT
null/rtbh and move the nat exit ip, then break down that pool to 25:1 and
wait for the second wave to further isolate
On Wed, Jan 20, 2021 at 3:56 PM Matt Hoppes <
mattli...@rivervalleyinternet.net> wrote:
> Any ideas how to mitigate DDOS attacks when you’re on CGNAT with maybe 100
> people
Any ideas how to mitigate DDOS attacks when you’re on CGNAT with maybe 100
people behind one IP concentrator?
--
AF mailing list
AF@af.afmug.com
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
17 matches
Mail list logo