That is what I am going to do. But with over 100 downstream customers, and IOS 11.1 (sans named access lists) I don't want to start a precedent. Thanks! On Wed, 25 Mar 1998, Jain Depak Wrote Why not just filter all ping traffic to his T1 until the attack subsides? -Deepak. On Wed, 25 Mar 1998, Martin, Christian wrote:
Hello All,
I have a customer who is being ping-flooded. His bandwidth is being sucked up due to these floods, and wishes me to block them on my router. I am somewhat reluctant to do this, since it goes against our policy; however, the customer has been very patient with us on this issue and his patience is running out.
I would be implementing on a Cisco 7507, with 3 T-3s to the Internet, and the customer hangs off the router on a T-1. What is the general consensus on providing such a service, particularly in terms of processing overhead and manageability. Is there another way to prevent this type of attack, aside from watching packets go by and trying to trace it back through the source. The source IPs are spoofed.
Thanks! Christian Martin
Jain Depak wrote
Why not just filter all ping traffic to his T1 until the attack subsides?
Christian Martin replied
That is what I am going to do. But with over 100 downstream customers, and IOS 11.1 (sans named access lists) I don't want to start a precedent.
You don't want to start a precedent of protecting customers from DoS attacks? -- Steve Sobol, Tech Support Guru, NACS.NET [http://www.nacs.net/support] (The address I use on Usenet is a valid address - don't try to unmunge it!) Moderator, alt.religion.afterburner [http://antispam.nstc.com/ara] 1997 AL and 1998 World Series Champions: [http://www.indians.com]
participants (2)
-
Martin, Christian -
Steve Sobol