Howdy all, So, i'm kind of new to this so please deal with my ignorance. But, what is common practice these days for HTTP DDoS mitigation during an attack? You can of course route every offending ip address to null0 at your border. But, if it's a botnet or trojan or something, It's coming from numerous different source IPs and Null0 routes can get very cumbersome. obviously. How do you folk usually deal with this?
Any input would be greatly appreciated. Cheers, Mike
