North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Is there a line of defense against Distributed Reflective attacks?
On Fri, 17 Jan 2003 [email protected] wrote: > On Fri, 17 Jan 2003 04:29:07 GMT, "Christopher L. Morrow" said: > > > > > How quickly is quickly? Often times as has been my recent experience > > > (part of my motivation for posting this thread) the flood is over before > > > one can get a human being on the phone. > > > > Once the call arrives and the problem is deduced it can be tracked in a > > matter of minutes, like 6-10 at the fastest... > > Yes, but *YOUR* crew has a reputation for having a clue. I'm willing to We appreciate the kind words :) > bet that "once the call arrives" is a challenge for a lot of smaller ISPs > that don't even *HAVE* a security team, and "the problem is deduced" is > a challenge for the ones that have a team that don't have a clue. > This gets down to something I've harped on for a while now... if you drive a car you must have a license and pass a test. If you run a network on the internet you really should have 24/7 security clued person(s) available to stop/track/mitigate security issues. > We see a *LOT* of postings here "anybody know a clueful at XYZ, we've been > DDoS'ed for 36 hours".... Yup, and its a shame that that is the case :( Perhaps they should become UUNET customers and then they can just call us? :) People move for cheap bandwidth alot, I wonder how the value proposition works out when you are down and paying SLA's to your customers due to a hosted dalnet server getting attacked for 36 hours?
|