Internet2 Network Security SIG

[Steven Wallace <>]

Hi doug,

Generally Internet2 members apply BCP38. The NSF even requires it before they award network-related grants. It’s always worth bringing up, but most have this configured.

steve

On Sep 24, 2016, at 12:57 PM, Montgomery, Douglas (Fed) <> wrote:

Karl,

The Arbor report that you cite notes the significance  of reflection / amplification attacks in observed volumetirc DDoS attacks.   I notice the attached strategy document does not address preventative use of anti-spoofing techniques.   Is this because these are already widely implemented in the I2 community, viewed as not viable, or something else?

dougm

— 

Doug Montgomery, Mgr Internet & Scalable Systems Research at  NIST/ITL/ANTD

From: <> on behalf of Karl Newell <>
Reply-To: "" <>
Date: Saturday, September 24, 2016 at 1:12 PM
To: "" <>
Subject: [Security-WG] Proposed Internet2 DDoS Mitigation Strategy

I have attached the proposed Internet2 DDoS Mitigation Strategy.  The intended audience is CIO/CTO level and will be circulated after we receive feedback from the community.  Please take a look and let us know if you have any comments or questions.  For those attending TechX there is a DDoS Mitigation BoF on Wednesday; we’ll review the document and have a general discussion around DDoS mitigation.

 

Cheers,

Karl

 

--

Karl Newell

Cyberinfrastructure Security Engineer

Internet2

520-344-0459

Attachment: smime.p7s
Description: S/MIME cryptographic signature