How does he/she become target? How does IP address gets exposed? I guess simplest way is to reboot modem and hope to get new ip (or call n request)
Mehmet > On Sep 19, 2015, at 12:54, Frank Bulk <frnk...@iname.com> wrote: > > Could the community share some DDoS auto-mitigation best practices for > eyeball networks, where the target is a residential broadband subscriber? > I'm not asking so much about the customer communication as much as > configuration of any thresholds or settings, such as: > - minimum traffic volume before responding (for volumetric attacks) > - minimum time to wait before responding > - filter percentage: 100% of the traffic toward target (or if volumetric, > just a certain percentage)? > - time before mitigation is automatically removed > - and if the attack should recur shortly thereafter, time to respond and > remove again > - use of an upstream provider(s) mitigation services versus one's own > mitigation tools > - network placement of mitigation (presumably upstream as possible) > - and anything else > > I ask about best practice for broadband subscribers on eyeball networks > because it's different environment than data center and hosting environments > or when one's network is being used to DDoS a target. > > Regards, > > Frank >
