Re: BCP38/84 and DDoS ACLs

On 5/26/17 10:24, Kody Vicknair wrote: > When I was doing some research in regards to the same subject I ran across > this doc. I've found it to be very helpful. > > http://nabcop.org/index.php/DDoS-DoS-attack-BCOP Causally applied RPF checks applied to transit and peer interfaces especially

Re: BCP38/84 and DDoS ACLs

to be honest, i do not block chargen etc at my borders; i scan hosts and turn off silly services on the hosts. but i do not have myriads of hosts in a soft gooey inside. what i block at my borders are 135-139, 161 (except for holes for measurement stations), 445, 514, stuff such as that. ykmv

Re: What happened to BGP Update Report?

Just bookmark http://bgpupdates.potaroo.net/instability/bgpupd.html if you like the report. On Fri, May 26, 2017 at 1:40 PM, Anurag Bhatia wrote: > Hello, everyone. > > > I wonder if anyone is aware of what happened to BGP Update Report which was > being published to most

What happened to BGP Update Report?

Hello, everyone. I wonder if anyone is aware of what happened to BGP Update Report which was being published to most of NOG mailing lists? I see the last one is from 7th Dec 2016. BGP Update Report was the one which provided unstable origin ASNs etc. I still do see the weekly routing table

Re: BCP38/84 and DDoS ACLs

On 27 May 2017, at 0:19, Roland Dobbins wrote: > This is the correct URI for the first preso, apologies: --- Roland Dobbins

Re: BCP38/84 and DDoS ACLs

On 27 May 2017, at 0:54, valdis.kletni...@vt.edu wrote: > I'll go out on a limb and suggest that except for a very basic home/SOHO > network, "You may need" should be "You will probably need". Concur, heh. --- Roland Dobbins

Weekly Routing Table Report

This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, MENOG, SAFNOG, SdNOG, BJNOG, CaribNOG and the RIPE Routing WG. Daily listings are sent to

Re: BCP38/84 and DDoS ACLs

On Sat, 27 May 2017 00:19:34 +0700, Roland Dobbins said: > servers/services/applications/users you have, et. al. You may need one > set of ACLs at the peering/transit edge, and other, more specific ACLs, > at the IDC distribution gateway, customer aggregation gateway, et. al. I'll go out on a

RE: BCP38/84 and DDoS ACLs

When I was doing some research in regards to the same subject I ran across this doc. I've found it to be very helpful. http://nabcop.org/index.php/DDoS-DoS-attack-BCOP Kody Vicknair Network Engineer Tel:985.536.1214 Fax:985.536.0300 Email: kvickn...@reservetele.com Reserve

Re: BCP38/84 and DDoS ACLs

On 26 May 2017, at 22:39, Graham Johnston wrote: I am looking for information regarding standard ACLs that operators may be using at the internet edge of their network, on peering and transit connections, These .pdf presos may be of interest:

Re: BCP38/84 and DDoS ACLs

To block UDP port 19 you can add something like: deny udp any eq 19 any deny udp any any eq 19 This will prevent the DDoS attack traffic entering your network (source port 19) as well as the hosts scanning around looking for hosts on your network that can be used in amplification attacks

BCP38/84 and DDoS ACLs

I really did try looking before I sent the email but couldn't quickly find what I was looking for. I am looking for information regarding standard ACLs that operators may be using at the internet edge of their network, on peering and transit connections, wherein you are filtering ingress

Call For Presentations - DNS-OARC Workshop 27, San Jose, CA, USA, 29-30 September 2017

[with apologies to those who see this on multiple lists] Call For Presentations The DNS-OARC 27th Workshop will take place in San Jose, CA, USA on September 29th and 30th 2017, the Friday and Saturday preceding NANOG 71.  The Workshop's Program Committee is now requesting proposals for