netsec-sig - Re: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more...
Subject: Internet2 Network Security SIG
List archive
Re: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more...
Chronological Thread
- From: Michael H Lambert <>
- To: "Spurling, Shannon" <>
- Cc: "Cas D'Angelo" <>, Steven Wallace <>, "" <>, Rob Vietzke <>, George Loftus <>, John Moore <>, Caroline Weilhamer <>
- Subject: Re: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more...
- Date: Thu, 22 Oct 2015 11:52:54 -0400
> On 20 Oct 2015, at 12:06, Spurling, Shannon
> <>
> wrote:
>
> Personally, I’m not sold on scrubbing. Sometimes it’s best to scuttle the
> IP during the attack and adopt some edge based practices that let you have
> some flexibility at the edge. Some of the lamest (as far as target value or
> reason behind it) DDOS’s are enormous, and I don’t see any way to
> effectively scrub them out. Then there’s the camouflaged ones, where you
> would need something application or state aware to properly remove the bad
> traffic. That is very computationally expensive.
I also have reservations about scrubbing. To me it's just paying a
third-party to do what your provider should be doing as part of their basic
service (ie, filtering on ingress). Black hole routes are too broad
(essentially a concession to the attacker). There may be promise in
flowspec, but only if providers are willing to push it to their edge.
Michael
- Re: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., (continued)
- Re: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., Mark Montalto, 10/21/2015
- RE: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., Schopis, Paul, 10/21/2015
- Re: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., Taylor, Scott J., 10/21/2015
- RE: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., Schopis, Paul, 10/21/2015
- RE: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., Spurling, Shannon, 10/21/2015
- RE: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., Schopis, Paul, 10/21/2015
- Re: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., Dale W. Carder, 10/22/2015
- Re: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., George Loftus, 10/22/2015
- RE: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., Schopis, Paul, 10/22/2015
- Re: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., Dale W. Carder, 10/22/2015
- Re: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., Nick Buraglio, 10/22/2015
- Re: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., Dale W. Carder, 10/22/2015
- Re: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., Michael H Lambert, 10/22/2015
- RE: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., Spurling, Shannon, 10/22/2015
- Re: [Security-WG] fast track for DDoS recommendations to Internet2, and a bit more..., Mark Montalto, 10/21/2015
Archive powered by MHonArc 2.6.16.