I'm sure you can look in the archives of this list for messages from me about this very thing... :) In short: "Every ISP should have 24/7 security support for customers under attack." That support should include, acls, null routes, tracking the attack to the ingress. Rarely do rate-limits do any good in the case of DoS attacks... (this part is a debate for another thread)
Yes, we have those ready to go. And tools like Snort/Spade and Net Flow to identify the problem and suggest ACL's and null routes, ect. My question is more about an upstream provider for an ISP (I was calling this backbone). Clearly UU has a system well in place but I would like to hear others experiences with their upstream providers and DoS's. I know what kind of help me upstreams will provide, as I have asked, I am just trying to get a feel for others experiences. James Edwards jamesh@cybermesa.com At the Santa Fe Office: Internet at Cyber Mesa Store hours: 9-6 Monday through Friday Phone support 365 days till 10 pm via the Santa Fe office: 505-988-9200