On Mon, 16 Dec 2002, James-lists wrote:
I am wondering how much help backbone providers give in identifying sources of a DoS and deciding what ACL's or rate-limits need to be placed to bring a DoS under control,
I'm sure you can look in the archives of this list for messages from me about this very thing... :) In short: "Every ISP should have 24/7 security support for customers under attack." That support should include, acls, null routes, tracking the attack to the ingress. Rarely do rate-limits do any good in the case of DoS attacks... (this part is a debate for another thread)
for their downstream clients. (Assuming it is their downstream clients that are being DoS'ed). I realize this will vary from provider to provider, I am just seeking peoples experiences with this issue.
it may vary, but there really should be an expected minimum standard.
James Edwards jamesh@cybermesa.com At the Santa Fe Office: Internet at Cyber Mesa Store hours: 9-6 Monday through Friday Phone support 365 days till 10 pm via the Santa Fe office: 505-988-9200