2012/2/8 Dobbins, Roland <rdobb...@arbor.net>
> On Feb 8, 2012, at 8:07 PM, bas wrote:
>
> > As far as I see it S/RTBH is in no way a solution against smart
> > attackers, of course it does help against all the kiddie attacks out
> > there.
>
> Once again, I've used S/RTBH myself and helped others use it many, many
> times, including to defend against attacks with shifting purported source
> IPs. flowspec, IDMS and other tools are very useful as well, but S/RTBH is
> supported on a lot of hardware, if operators choose to configure it.
>
> It is not a panacea. It is one tool in the toolbox.
>
> Folks can either choose to make use of it or choose not to do so; it is
> operationally proven, it does work, and it's certainly better than nothing.
> YMMV.

I agree. I think RTBH is a broadsword not a scalpel. It's a tool in the tool box and there is a danger of dropping legitimate traffic with both S/RTBH and D/RTBH. BGP isn't a security protocol. It's not even that great of a routing protocol.