[c-nsp] Nice EEM applet to protect against certain DDoS situations (sup720)
Dobbins, Roland
rdobbins at arbor.net
Sun Aug 8 01:21:48 EDT 2010
On Aug 8, 2010, at 5:18 AM, bas wrote:
> And then decided to remove the IP address from the server (or shut it down)
Why not S/RTBH or IDMS or even ACLs, instead of completing the DDoS for the attacker? Any of those techniques wouldn't result in high CPU on your infrastructure.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Injustice is relatively easy to bear; what stings is justice.
-- H.L. Mencken
More information about the cisco-nsp
mailing list