North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: blocking AS30060

  • From: Jay Hennigan
  • Date: Tue Sep 16 14:04:09 2003

On Tue, 16 Sep 2003, Will Yardley wrote:

> On Tue, Sep 16, 2003 at 01:04:18PM -0400, William Allen Simpson wrote:
>
> > Are there any adverse side effects, that anybody can think of?
>
> One is that any mail destined for this host would probably sit in the
> queue for the maximum queue lifetime, generally about 4 days, before
> bouncing as undeliverable, rather than either being rejected
> immediately.

On the other hand, if your routers have the CPU cycles to spare, an
inbound access-list along the lines of

deny tcp 64.94.110.0 0.0.0.255 eq 80 any
 [whatever other stuff you have]
permit ip any any

Will block their return traffic from tbe website (including the TCP ack)
allowing them to cheerfully syn-flood DDoS themselves if enough people
do this.

This will kill the web traffic but allow mail.

-- 
Jay Hennigan - CCIE #7880 - Network Administration - [email protected]
WestNet:  Connecting you to the planet.  805 884-6323      WB6RDV
NetLojix Communications, Inc.  -  http://www.netlojix.com/