6 May
2002
6 May
'02
9 a.m.
What processes and/or tools are large networks using to identify and limit the impact of DDoS attacks?
What we are using is matching of a specific community on all of our edge routers. A route matching this specific community will be blackholed on the edge. All that is then needed is by our NOC or one of our customers to announce the host under attack as a /32 with the right community and they will not suffer under the attack. Problem then is to get the router to drop all the packets.... - kurtis -