|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Identifying DoS-attacked IP address(es)
AT&T also does the basics. ACL's, null routes, tracking back to ingress. -james On Mon, 16 Dec 2002, James-lists wrote: > > > I'm sure you can look in the archives of this list for > messages from me > > about this very thing... :) In short: "Every ISP should > have 24/7 security > > support for customers under attack." That support should > include, acls, > > null routes, tracking the attack to the ingress. Rarely do > rate-limits do > > any good in the case of DoS attacks... (this part is a > debate for another > > thread) > > Yes, we have those ready to go. And tools like Snort/Spade > and Net Flow to identify the problem > and suggest ACL's and null routes, ect. My question is more > about an upstream provider for an ISP > (I was calling this backbone). Clearly UU has a system well > in place but I would like to hear others experiences > with their upstream providers and DoS's. I know what kind of > help me upstreams will provide, as I have asked, > I am just trying to get a feel for others experiences. > > James Edwards > [email protected] > At the Santa Fe Office: Internet at Cyber Mesa > Store hours: 9-6 Monday through Friday > Phone support 365 days till 10 pm via the Santa Fe office: > 505-988-9200 > > > >
|