Rick Ernst wrote on 2008-12-13:
> - This instance was a DoS, not DDoS. Single source and destination,
> but
> the source (assuming no spoofing) was in Italy. Turning off netflow
> seemed to help, but the attack itself stopped at about the same time.
Before moving to hardware based platforms
DDoS protection packages are generally sold with Mbps, PPS, and often
TCP-SYN / UDP session limits.
--
Jeffrey Lyon, Leadership Team
jeffrey.l...@blacklotus.net | http://www.blacklotus.net
Black Lotus Communications of The IRC Company, Inc.
Look for us at HostingCon 2009 in Washington, DC on Augu
On 13 Dec 2008, at 12:39, Steven M. Bellovin wrote:
On Fri, 12 Dec 2008 16:33:51 -0800 "Tomas L. Byrnes"
wrote:
Because anyone with half a brain blocks proxies from their e-
commerce site.
What is a proxy? A garden-variety squid server, in the DMZ of a
corporate firewall? The nasty box i
On Fri, 12 Dec 2008 16:33:51 -0800
"Tomas L. Byrnes" wrote:
> Because anyone with half a brain blocks proxies from their e-commerce
> site.
>
What is a proxy? A garden-variety squid server, in the DMZ of a
corporate firewall? The nasty box in some hotels that "helps" guests
surf the net? A so
Hi all,
Apologies for the operational content, does anyone know (or is anyone)
a dedicated server provider who can get a Linux server online for us
in the next three hours? We urgently need to move a live site due to
system failure.
Preferably west coast USA, but beggars can't be choosers
The point I am trying to make here is that ISPs should much more engaged in
this entire process.
most of the larger isps have reasonable security teams with some good
folk. but you need to be much more specific about what you want from
medium and smaller isps, and what the immediate payoffs (
If folks think that people are not "doing" massive correlation of criminal
activity on the Internet, they would be mistaken.
engineers judge by the results. and, unfortunately, we can read them in
the ny times.
though some recent papers sure make interesting reading. just picking
on one pa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Not in the habit of responding to my e-mail, but...
On Sat, Dec 13, 2008 at 12:29 AM, Paul Ferguson
wrote:
>
> On Sat, Dec 13, 2008 at 12:22 AM, James Hess wrote:
>
>>
>> An in-depth strategy with hundreds or thousands of factors examined
>> resul
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, Dec 13, 2008 at 12:22 AM, James Hess wrote:
>
> An in-depth strategy with hundreds or thousands of factors examined
> results in a smaller
> (but still present) possibility of the filter/detector being fooled.
>
> IP-based methods can be com
>> On 08.12.13 09:33, Tomas L. Byrnes wrote:
>>> anyone with half a brain blocks proxies from their e-commerce site.
>> can you know at a reasonable confidence level that it's a proxy?
> Give me an IP address (privately, of course). I can tell you if it is, with
> consult from other colleagues in t
10 matches
Mail list logo
