On Thu, Apr 23, 2020 at 3:14 PM Compton, Rich A <rich.comp...@charter.com> wrote:
> Good luck with that. 😊 As Damian Menscher has presented at NANOG, even > if we do an amazing job and shut down 99% of all DDoS reflectors, there > will still be enough bandwidth to generate terabit size attacks. > https://stats.cybergreen.net > > I think we need to instead collectively focus on stopping the spoofed > traffic that allows these attacks to be generated in the first place. > > -Rich > The bcp38 religion has failed to deliver the promised land for 20 years. 1 spoofer is all you need to trigger all the reflectors. I do bcp38, i encourage others to as well, but i do not plan on it unclogging the pipes in my lifetime. You will get more miles from ACL dropping and policing known bad traffic (most of udp) > > > *From: *NANOG Email List <nanog-boun...@nanog.org> on behalf of Bottiger < > bottige...@gmail.com> > *Date: *Thursday, April 23, 2020 at 3:32 PM > *To: *Siyuan Miao <avel...@misaka.io> > > *Cc: *NANOG list <nanog@nanog.org> > *Subject: *Re: Best way to get foreign ISPs to shut down DDoS reflectors? > > > > We are unable to upgrade our bandwidth in those areas. There are no > providers within our budget there at the moment. Surely there must be some > way to get them to respond. > > > > On Thu, Apr 23, 2020 at 2:23 PM Siyuan Miao <avel...@misaka.io> wrote: > > It won't work. > > > > Get a good DDoS protection and forget about it. > > > > On Fri, Apr 24, 2020 at 5:17 AM Bottiger <bottige...@gmail.com> wrote: > > Is there a guide on how to get foreign ISPs to shut down reflectors used > in DDoS attacks? > > > > I've tried sending emails listed under abuse contacts for their regional > registries. Either there is none listed, the email is full, email does not > exist, or they do not reply. Same results when sending to whatever other > email they have listed. > > > > Example Networks: > > > > CLARO S.A. > > Telefonica > > China Telecom > > Korea Telecom > > The contents of this e-mail message and > any attachments are intended solely for the > addressee(s) and may contain confidential > and/or legally privileged information. If you > are not the intended recipient of this message > or if this message has been addressed to you > in error, please immediately alert the sender > by reply e-mail and then delete this message > and any attachments. If you are not the > intended recipient, you are notified that > any use, dissemination, distribution, copying, > or storage of this message or any attachment > is strictly prohibited. >
