2 May
2016
2 May
'16
9:03 a.m.
On Mon, May 2, 2016 2:30 pm, Danny McPherson wrote:
We use it effectively in a layered model where "Principle of Minimal Intervention" applies, allowing attack mitigation and traffic diversion in the most optimal place (e.g., at network ingress), and only scrubbing or diverting traffic when necessary.
Sorry to say, but the most optimal place for ddos mitigation is at network egress of origin. What comes in mind regarding that is the ability for target ASN telling source ASN to stop sending packets from a specific (let's say /29) in the case of a DDoS (with appropiate security measures in place off course). Because, let's face it, why would a target of a ddos need to nullroute itself?