18 Oct
2002
18 Oct
'02
10:35 a.m.
701 has a blackhole community, 701:9999, basically it sets the next-hop to something blackholed on their edge so the DOS attack gets dropped as soon as it hits them. I have made use of this to kill at least one DDOS event. A global blackhole community may be difficult to achieve, but getting the majority of large providers to implement one is a good start.
Brilliant solution - lets stop DDOS attack on the customer by denying service to the customer is a non-distributed way. Alex