Hi, Well the abusers started to use burst and then switching targeted IP. Last time I opened a ticket with GT-T/nLayer for a ~120Mbps NTP DDoS Amplification "attempt" toward 2 of my IP's. . after 2h, I called them directly to be told they lost my original request; . after 4h, got told it wasn't assigned yet; . after 12h, they finally applied the filter as the amp attempt stopped; Based on that experience... why bother. To give you an idea, in the past 4 days and 30m queries, I'm up to 1100 blocked targets on one of my DNS Servers. ----- Alain Hebert ahebert@pubnix.net PubNIX Inc. 50 boul. St-Charles P.O. Box 26770 Beaconsfield, Quebec H9W 6G7 Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443 On 01/24/14 09:36, Jared Mauch wrote:
On Jan 24, 2014, at 9:22 AM, Alain Hebert <ahebert@pubnix.net> wrote:
Is there a [Spoofing Tracking Squad] out there? ( We're on GT-T/nLayer/Tinet ) You haven’t been able to get GTT/nLayer/TINet to track the traffic back?
Details are welcome, either here or in private. There are plenty of people who will chase and fix this stuff when they’re aware of it.
- Jared