Re: [SECURITY] Application layer attacks/DDoS attacks

2015-05-23 Thread jim deleskie
While I don't think any ISP "wants DDoS" to make $$, I do based on experience believe that business cases have to be made for everything. With the prices paid for BW in most of the world now (or the last number of years), it's going to be VERY hard to get anyone to allocate time/$$ or energy to do

Re: Help Needed Segmenting Existing Network with Sophos UTM Cisco Catalyst switches and RHEL6 Hypervisors

2015-05-23 Thread Sina Owolabi
Thanks Baldur. I am definitely planning on doing that. Eric, no the VMs are not all segregated, they are all blended together. You can find a 192.168 sharing the same physical host as a 10.10. I've never played with OpenVSwitch before, though. Would introducing it here lead to any further complexi

Re: [SECURITY] Application layer attacks/DDoS attacks

2015-05-23 Thread Roland Dobbins
On 24 May 2015, at 3:14, Scott Weeks wrote: Those that care (NANOG type folks) already have deployed it and those that don't care have not and will not. Concur 100%. --- Roland Dobbins

Re: [SECURITY] Application layer attacks/DDoS attacks

2015-05-23 Thread Ramy Hashish
Yes Harlan, you are absolutely right, even if this won't stop the botnet-based DDoS attacks, but at least will significantly decrease the volume/frequency of the volume based attacks. On the other side, the DDoS protection has now become a business where all-tiers ISPs make money off, and those ISPs is

Re: [SECURITY] Application layer attacks/DDoS attacks

2015-05-23 Thread Scott Weeks
--- st...@ntp.org wrote: From: Harlan Stenn Just to ask, what is the expected effect on DDoS attacks if folks implemented BCP38? --- A moot point these days. After all the years it has been out (15 years: https://tools.ietf.org/html/bcp38) it can be seen

Re: [SECURITY] Application layer attacks/DDoS attacks

2015-05-23 Thread Harlan Stenn
Just to ask, what is the expected effect on DDoS attacks if folks implemented BCP38? How does the cost of implementing BCP38 compare to the cost of other solution attempts? H

Re: Help Needed Segmenting Existing Network with Sophos UTM Cisco Catalyst switches and RHEL6 Hypervisors

2015-05-23 Thread Baldur Norddahl
The answer to this one is easy. Yes, there is very likely a series of steps, that will achieve what you want remotely. But... "The data center is a long way away, and any downtime will be catastrophic". The slightest misstep and you will be down until you arrive at the site. So do not even think

Re: Help Needed Segmenting Existing Network with Sophos UTM Cisco Catalyst switches and RHEL6 Hypervisors

2015-05-23 Thread Sina Owolabi
Diagramming is a little difficult right now, but think of the current state as router-on-a-stick without VLANs, that needs to have VLANs setup. On Sat, May 23, 2015, 6:57 AM olushile akintade wrote: > Can you provide a quick diagram with the current subnet and traffic path? > On Fri, May 22, 20

Re: Peering and Network Cost

2015-05-23 Thread Jay Ashworth
- Original Message - > From: "Dave Taht" > Two things I am curious about are 1) What is the measured benefit of > moving a netflix server into your local ISP network > > and 2) does anyone measure "cross town latency". If we lived in a > world where skype/voip/etc transited the local tow

Re: [SECURITY] Application layer attacks/DDoS attacks

2015-05-23 Thread Roland Dobbins
On 23 May 2015, at 19:56, Ramy Hashish wrote: I am little bit confused; aren't the "application firewalls" -either integrated in a "NGFW or a UTM"- the responsible for mitigating application layer attacks?

Re: [SECURITY] Application layer attacks/DDoS attacks

2015-05-23 Thread jim deleskie
Too many pieces to answer on a weekend on NANOG, but those of us that work in the DDoS space the last number of years have seen huge growth in the application layer attacks. This does not mean a decrease in volumetric attack, just that now you have to worry about both and lots of each. FW's while t

[SECURITY] Application layer attacks/DDoS attacks

2015-05-23 Thread Ramy Hashish
Hello there, As a reaction to the increasing demand -from enterprises- over the DDoS protection services, a fierce competition between vendors is about to start in this playground, big upfront investments started to happen in the tier one, tier two and tier three ISPs, IMHO this will have its aggr