North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Mitigating HTTP DDoS attacks?

  • From: Roger Marquis
  • Date: Mon Mar 24 22:04:01 2008

Mike Lyon wrote: 
So, i'm kind of new to this so please deal with my ignorance. But,
what is common practice these days for HTTP DDoS mitigation during an
attack? You can of course route every offending ip address to null0 at
your border. But, if it's a botnet or trojan or something, It's coming
from numerous different source IPs and Null0 routes can get very
cumbersome. obviously. How do you folk usually deal with this?


Depends a lot on the size of the network.  If it's more than a few colos I
highly recommend Arbor Peakflow (http://www.arbornetworks.com/).  Not cheap
but it works and scales well.

--
Roger Marquis
Roble Systems Consulting
http://www.roble.com/