North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Effective ways to deal with DDoS attacks?

  • From: Pete Kruckenberg
  • Date: Wed May 01 19:20:14 2002

There's been plenty of discussion about DDoS attacks, and my
IDS system is darn good at identifying them. But what are
effective methods for large service-provider networks (ie
ones where a firewall at the front would not be possible) to
deal with DDoS attacks?

Current method of updating ACLs with the source and/or
destination are slow and error-prone and hard to maintain
(especially when the target of the attack is a site that
users would like to access).

A rather extensive survey of DDoS papers has not resulted in
much on this topic.

What processes and/or tools are large networks using to
identify and limit the impact of DDoS attacks?

Thanks.
Pete.