Skip to Content.
Sympa Menu

netsec-sig - Re: [Security-WG] Proposed Internet2 DDoS Mitigation Strategy

Subject: Internet2 Network Security SIG

List archive

Re: [Security-WG] Proposed Internet2 DDoS Mitigation Strategy


Chronological Thread 
  • From: Steven Wallace <>
  • To:
  • Subject: Re: [Security-WG] Proposed Internet2 DDoS Mitigation Strategy
  • Date: Sat, 24 Sep 2016 13:33:25 -0600
  • Ironport-phdr: 9a23:x3sLJBM4GmCVhDMfwjIl6mtUPXoX/o7sNwtQ0KIMzox0K/T6rarrMEGX3/hxlliBBdydsK0UzbeN+Pm9EUU7or+/81k6OKRWUBEEjchE1ycBO+WiTXPBEfjxciYhF95DXlI2t1uyMExSBdqsLwaK+i76wCAfACr/NBZ4Y6HcUs6X1pzvlrP6x5qGeAhDmSC8faI3MxqerAPNu9MQjJc4bKs910jnuHxNLt9KyH1lIxqslhL478y9tMp46Dt4uu9n+sJdB/apN58kRKBVWWx1e1s+49fm4FyaFVOC

Hi doug,

Generally Internet2 members apply BCP38. The NSF even requires it before they award network-related grants. It’s always worth bringing up, but most have this configured.

steve


On Sep 24, 2016, at 12:57 PM, Montgomery, Douglas (Fed) <> wrote:

Karl,

The Arbor report that you cite notes the significance  of reflection / amplification attacks in observed volumetirc DDoS attacks.   I notice the attached strategy document does not address preventative use of anti-spoofing techniques.   Is this because these are already widely implemented in the I2 community, viewed as not viable, or something else?

dougm
— 
Doug Montgomery, Mgr Internet & Scalable Systems Research at  NIST/ITL/ANTD


From: <> on behalf of Karl Newell <>
Reply-To: "" <>
Date: Saturday, September 24, 2016 at 1:12 PM
To: "" <>
Subject: [Security-WG] Proposed Internet2 DDoS Mitigation Strategy

I have attached the proposed Internet2 DDoS Mitigation Strategy.  The intended audience is CIO/CTO level and will be circulated after we receive feedback from the community.  Please take a look and let us know if you have any comments or questions.  For those attending TechX there is a DDoS Mitigation BoF on Wednesday; we’ll review the document and have a general discussion around DDoS mitigation.
 
Cheers,
Karl
 
--
Karl Newell
Cyberinfrastructure Security Engineer
Internet2
520-344-0459

Attachment: smime.p7s
Description: S/MIME cryptographic signature




Archive powered by MHonArc 2.6.19.

Top of Page