My experience with most providers has been that null routing is the
"industry standard" when a DDoS hits their network.
I would suggest approaching companies who specialize in DDoS mitigation
- Prolexic and Blacklotus to name two I am familiar with. These outfits
may have something that works for a non-profit from a pricing point of
view.
Ping me off list, I deal with a few providers and may be able to point
you in the right direction.
/e
On 2012-12-06 3:53 PM, Steve wrote:
The ideal solution is a carrier that has its own true DDoS mitigation platform,
and does not rely on black hole routing . Have the carrier handle the the large
bulk flood attacks, then have your own prem base mitigation platform take care
of the more application specific attacks that get through .
This represents the best solution , and also the most expensive . So it may not
work for a non profit.
This Email was sent from Steve's iPad
Message: 4
Date: Thu, 6 Dec 2012 09:51:21 -0800
From: Mike Gatti <ekim.it...@gmail.com>
To: NANOG list <nanog@nanog.org>
Subject: Solutions for DoS & DDoS
Message-ID: <0d89d80c-d288-402f-8723-b837ea523...@gmail.com>
Content-Type: text/plain; charset=us-ascii
Hello Everyone,
I'm assisting a non-profit organization to research solutions to secure their
network from DOS/DDOS attacks. So far we have gone the route of discussing with
their ISP's to see what solutions they have to offer, believing that the
carriers are better positioned to block the attack from the source.
I wanted to get the lists thoughts on our approach going the carrier route
and/or hear about successful implementation of other solutions.
Thanks,
--
Michael Gatti
949.371.5474
(UTC -8)
------------------------------
End of NANOG Digest, Vol 59, Issue 24
*************************************
--
Erol Blakely
easyDNS Technologies Inc.