Peace,

On Tue, Jan 7, 2020, 9:10 PM Hugo Slabbert <hugo@slabnet.com> wrote:
And you're sure that you are the reflection target not the reflection vector?

Well, in almost any* case blacklisting reflection vectors by IP is an insanely bad practice.

* — I can *think* of a use case when this could be an appropriate solution (I recall Netscout/Arbor once had such a use case), but in the overwhelming majority of incidents it is absolutely not, and you need to be one hundred percent sure you know what you're doing.

--
Töma