Mitigating HTTP DDoS attacks?

• From: Mike Lyon
• Date: Mon Mar 24 18:09:41 2008

• Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; bh=O57W0mCnDZ5t1msnLoIx0KfpBxZMm7bfuNNM+nCkKaI=; b=Kg2zhA/+dLNkdn0wTcxAERAPf02Ej/1xj/mYXIBBOtGhyqmwpXcHuMC6h1Z5pQ/JX9nV6gd++Fi9i0iwvpGz/Vy0aC3XDjfDKwBl0YoxEEfR8ZbYH0CQ+UljfkRVWc6l1R/YSUnkqDSNHgvOrhfHGwgxK5fZCw9u7gCjZ03DGJY=
• Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=je6nuFfdUBo9WOvZHthlyL2aUYlWASy+FIk0FkKhWNx3nmSNK5Ys8/zhyytjT1kmdgPfRPmKveZP08ejlxVPQYejzHVaY8dOQRhPc+44ZODCmdvdvHuw/zvx8ep+G2SvmzZkwisoW+T5Ro5WJmPu26opLdxDDPGnNKLgQiN7L4k=

Howdy all,

So, i'm kind of new to this so please deal with my ignorance. But,
what is common practice these days for HTTP DDoS mitigation during an
attack? You can of course route every offending ip address to null0 at
your border. But, if it's a botnet or trojan or something, It's coming
from numerous different source IPs and Null0 routes can get very
cumbersome. obviously. How do you folk usually deal with this?

Any input would be greatly appreciated.

Cheers,
Mike

• Follow-Ups:
  • RE: Mitigating HTTP DDoS attacks? Darden, Patrick S.
  • Re: Mitigating HTTP DDoS attacks? Rodrick Brown
  • RE: Mitigating HTTP DDoS attacks? Frank Bulk - iNAME
  • Re: Mitigating HTTP DDoS attacks? Paul Vixie
  • Re: Mitigating HTTP DDoS attacks? Roland Dobbins

• Prev by Date: Re: Looking for Clue at Earthlink
• Next by Date: Re: Looking for Clue at Earthlink
• Date Index
• Thread Index
• Author Index
• Historical