I’m good now, but it would be nice if the people on the front lines at Global Crossing were even aware what a “Denial of Service” attack was, or that they even have a SOC for incident handling. Once we got redirected into their SOC we were in good hands. Stefan Fouant: NeuStar, Inc. Principal Network Engineer 46000 Center Oak Plaza Sterling, VA 20166 [ T ] +1 571 434 5656 [ M ] +1 202 210 2075 [ E ] stefan.fouant@neustar.biz [ W ] www.neustar.biz From: Josh Potter [mailto:joshpotter@gmail.com] Sent: Wednesday, December 17, 2008 2:45 PM To: Fouant, Stefan Cc: nanog@nanog.org; Brown, Chad Subject: Re: Global Crossing SOC Sounds like you need to talk to the Global Crossing NCC. They're located in Phoenix however I don't have their number. On Wed, Dec 17, 2008 at 12:32 PM, Fouant, Stefan <Stefan.Fouant@neustar.biz> wrote: Folks, Any Global Crossing SOC folks here? We've had a simple DoS attack targeting one of our nodes connected to Global Crossing but have literally spent 3 hours on the phone with Global Crossing support attempting to get someone with a clue as to how to implement a simple ACL on their edge router to deal with this. If there's anyone here who can assist, please contact me off list. Regards, Stefan Fouant: NeuStar, Inc. Principal Network Engineer 46000 Center Oak Plaza Sterling, VA 20166 [ T ] +1 571 434 5656 [ M ] +1 202 210 2075 [ E ] stefan.fouant@neustar.biz [ W ] www.neustar.biz -- Josh Potter