The problem is often it's not that easy to block the traffic. In case of
DNS amplification you maybe able to block some DNS servers (there's a list
of them which can be used for amplification). But if the attackers rented a
botnet, then the packets can come from everywhere.
On Wed, Feb 18, 2015
I like Jack's point. Setting up your DNS with Cloudflare is half of the
solution. The other half (as he mentioned) is getting new IP addresses,
since the bad guys already know the old IP addresses.
We have also noticed FAR fewer attacks on our servers since switching to
Cloudflare. Attacks
On 2/18/15 1:06 AM, Jack Coats wrote:
My suggestion is basically 'all of the above'.
-
Set up with cloudflare, update DNS to point to cloud flare, get new IP's
and point cloud flare to it.
Also notify CERT and FBI.
Luckily, Pittsburgh, where I now live, has the NCFTA,
