On Mon, 16 Dec 2002, Feger, James wrote:
AT&T also does the basics. ACL's, null routes, tracking back to ingress.
as does sprint and C&W. MFN can sometimes help, depends on who you talk to as I recall, and Verio is quick to fix problems... L3 had some problems in the past, my last experience with them was 'ok' though not stellar. I'm having a bit of trouble getting more off the top of my head, aside from the George Mason Computer group that just unplugged a machine in a dorm for me :)
-james
On Mon, 16 Dec 2002, James-lists wrote:
I'm sure you can look in the archives of this list for messages from me about this very thing... :) In short: "Every ISP should have 24/7 security support for customers under attack." That support should include, acls, null routes, tracking the attack to the ingress. Rarely do rate-limits do any good in the case of DoS attacks... (this part is a debate for another thread)
Yes, we have those ready to go. And tools like Snort/Spade and Net Flow to identify the problem and suggest ACL's and null routes, ect. My question is more about an upstream provider for an ISP (I was calling this backbone). Clearly UU has a system well in place but I would like to hear others experiences with their upstream providers and DoS's. I know what kind of help me upstreams will provide, as I have asked, I am just trying to get a feel for others experiences.
James Edwards jamesh@cybermesa.com At the Santa Fe Office: Internet at Cyber Mesa Store hours: 9-6 Monday through Friday Phone support 365 days till 10 pm via the Santa Fe office: 505-988-9200