This brings up an interesting question -- what is "good DDoS protection" on an ISP scale? Apart from having enough bandwidth to weather the attack and having upstream providers attempt to filter it for you/ -----Original Message----- From: "Bottiger" <bottiger10@gmail.com> Sent: Thursday, April 23, 2020 5:30pm To: "Siyuan Miao" <aveline@misaka.io> Cc: "North American Network Operators' Group" <nanog@nanog.org> Subject: Re: Best way to get foreign ISPs to shut down DDoS reflectors? We are unable to upgrade our bandwidth in those areas. There are no providers within our budget there at the moment. Surely there must be some way to get them to respond. On Thu, Apr 23, 2020 at 2:23 PM Siyuan Miao <[ aveline@misaka.io ]( mailto:aveline@misaka.io )> wrote: It won't work. Get a good DDoS protection and forget about it. On Fri, Apr 24, 2020 at 5:17 AM Bottiger <[ bottiger10@gmail.com ]( mailto:bottiger10@gmail.com )> wrote: Is there a guide on how to get foreign ISPs to shut down reflectors used in DDoS attacks? I've tried sending emails listed under abuse contacts for their regional registries. Either there is none listed, the email is full, email does not exist, or they do not reply. Same results when sending to whatever other email they have listed. Example Networks: CLARO S.A. Telefonica China Telecom Korea Telecom