Re: [swinog] DDOS >1Tbps - Swiss-wide (regional) BGP propagation?!

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Dear team, > Since we see >1Tbps DDOS attacs in the wild, I suppose > out-of-the-box DDOS mitigation suppliers have lost this race. There > is no operator in Switzerland which can handle 1Tbps DDOS attacks. > > When we saw DDOS against digitec.ch

Re: [swinog] DDOS >1Tbps - Swiss-wide (regional) BGP propagation?!

binNDFG1Id5cb.bin Description: PGP/MIME Versions Identification encrypted.asc Description: OpenPGP encrypted message ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] DDOS >1Tbps - Swiss-wide (regional) BGP propagation?!

On 2016-10-01 20:24, Patrick Albrecht wrote: > Hi > > I'm a employee of a good known E-Commerce site here in switzerland and I > would like to share some thoughts from my side if that's okay for all. I > hope I understood well enough what you plan. Otherwise just ignore what > I just wrote :) >>

Re: [swinog] DDOS >1Tbps - Swiss-wide (regional) BGP propagation?!

Hi I'm a employee of a good known E-Commerce site here in switzerland and I would like to share some thoughts from my side if that's okay for all. I hope I understood well enough what you plan. Otherwise just ignore what I just wrote :) > Given that e-commerce such as digitec.ch is assumingly

[swinog] Krebs: Source Code for IoT Botnet ‘Mirai’ Released

https://krebsonsecurity.com/2016/10/source-code-for-iot-botnet-mirai-released/ And now the script kiddies have their hands on it... Enjoy that Internet... Greets, Jeroen ___ swinog mailing list swinog@lists.swinog.ch

Re: [swinog] DDOS >1Tbps - Swiss-wide (regional) BGP propagation?!

If I recall correctly 3303 has some communities which can be used for such a matter... gruss -steven > Am 01.10.2016 um 16:51 schrieb Fredy Kuenzler : > > Since we see >1Tbps DDOS attacs in the wild, I suppose out-of-the-box > DDOS mitigation suppliers have lost this

Re: [swinog] DDOS >1Tbps - Swiss-wide (regional) BGP propagation?!

Agree, this has to be done. See also https://fe.nix.cz/en/ in Czech republic some ISP realized this idea about 3 year ago. And see also some IP-Transit-Providers already have regional restricted route propagation in their BGP community.

Re: [swinog] DDOS >1Tbps - Swiss-wide (regional) BGP propagation?!

On 2016-10-01 16:51, Fredy Kuenzler wrote: [..] > To achieve this I think we need a collaborative community effort setting > up a common procedure and define a BGP communitiy with the effect "do > not announce beyond Switzerland". Great initiative! If you need extra hands, don't hesitate to

Re: [swinog] DDOS >1Tbps - Swiss-wide (regional) BGP propagation?!

On 01.10.2016 17:35, Gert Doering wrote: > I think this is an awesome idea. > > The situation is similar here in DE - nobody could stand an 1 Tbit > DDoS attack, and a large number of content offerings are targeted > only to german speaking customers, so if DE/A/CH work, 99% of the > customers

Re: [swinog] DDOS >1Tbps - Swiss-wide (regional) BGP propagation?!

Hi, On Sat, Oct 01, 2016 at 04:51:36PM +0200, Fredy Kuenzler wrote: > To achieve this I think we need a collaborative community effort setting > up a common procedure and define a BGP communitiy with the effect "do > not announce beyond Switzerland". I think this is an awesome idea. The

[swinog] DDOS >1Tbps - Swiss-wide (regional) BGP propagation?!

Since we see >1Tbps DDOS attacs in the wild, I suppose out-of-the-box DDOS mitigation suppliers have lost this race. There is no operator in Switzerland which can handle 1Tbps DDOS attacks. When we saw DDOS against digitec.ch and others earlier this year, I was a bit surprised that none of the so