[c-nsp] Cisco way against DoS/DDos Attack?
Monty Ree
chulmin2 at hotmail.com
Wed Jan 3 03:37:01 EST 2007
Hello, list.
A friend of mine, who manages a network, suffered a DoS/DDoS attack
from zombie PCs last night.
While the attack was going on, traffic was over about 2~3 Gbit/s.
The attack has stopped now, but the network could be attacked again someday.
Surely, my network can be attacked by DDoS too.
So, is there any Cisco method against a DDoS attack which sends large
traffic (bps, pps) like the above?
If I were attacked, I would do the below:
1st. Find the source & dst IPs related to the attack and null route them.
# ip route 1.1.1.1 255.255.255.255 Null 0
2nd. Filter the source IP using an access-list.
3rd. Rate-limit per IP.
ex) rate-limit input access-group 150 2000000 250000 250000 conform-action transmit exceed-action drop
4th. ????
If it were a DDoS attack, filtering all source IPs would not be the right answer,
and a firewall wouldn't defend because of the large traffic.
So is there any good method or documentation or new technology against DDoS
attacks using Cisco?
My network equipment is a GSR (12008) and a 6509 Sup2.
Thanks for your time.
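
The three steps listed in the message above, written out as one IOS configuration fragment. This is an added example, not part of the original post. The addresses (documentation ranges), ACL 101 and the interface name are constructed, and support for each command on a particular line card or supervisor is not assumed.

```cisco
! Constructed values: 192.0.2.10 and 192.0.2.20 are attacked hosts,
! 198.51.100.0/24 is a source range seen in the attack,
! GigabitEthernet1/1 is the upstream-facing interface.

! Step 1: null route. A static route matches on the destination address,
! so this drops ALL traffic addressed to 192.0.2.10, legitimate traffic
! included. The host stays unreachable until the route is removed.
ip route 192.0.2.10 255.255.255.255 Null0

! Step 2: filter an identified source range at ingress.
! The final permit keeps every other source flowing.
access-list 101 deny   ip 198.51.100.0 0.0.0.255 any
access-list 101 permit ip any any

! Step 3: ACL 150 selects the traffic that CAR will police. Here it is
! traffic to a second host that must stay reachable at a reduced rate.
access-list 150 permit ip any host 192.0.2.20

interface GigabitEthernet1/1
 ip access-group 101 in
 ! 2000000 = average rate in bits per second
 ! 250000 / 250000 = normal and maximum burst in bytes
 ! CAR polices the aggregate of everything ACL 150 matches,
 ! not each source IP separately.
 rate-limit input access-group 150 2000000 250000 250000 conform-action transmit exceed-action drop
```

`show interfaces GigabitEthernet1/1 rate-limit` reports the conformed and exceeded packet counts for the CAR entry, which shows whether the limit is actually being hit.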