North American Network Operators Group

Re: real-time DDoS help?

  • From: Mike Lewinski
  • Date: Sat Jun 19 23:10:26 2004

Charles Sprickman wrote:

> Is there any place where people with experience dealing with DDoS attacks
> hang out?  I'm getting very little assistance from my upstream beyond
> "call whomever is in charge of each IP attacking and make them stop", and
> "even though we null route the destination IP being attacked, this traffic
> will be billed".

While I hate the "blame the victim" mentality in general, I'd guess that up to half of all the packet floods we've experienced were aimed at compromised client boxes that were hosting illegitimate services. If your victim has no idea why they're being attacked, I'd scrutinize the target host very carefully.

Or if your victim is a shell host who's probably got some skript kiddie engaged in channel wars, it will likely save you a lot of time and grief to just dump that client. Is losing one worth sacrificing the rest?

Unless you know exactly why you're being attacked and are willing to suffer these consequences indefinitely, you will do yourself a big favor by looking at the victim to see why the attack is occurring and removing the target from your network.