Date: Tue, 9 Mar 2010 12:11:57 -0800
From: James Matthews <nytrokiss@...il.com>
To: "Dobbins, Roland" <rdobbins@...or.net>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Ubisoft DDoS

I don't see why they didn't just block the attack. It must be more than
this.

On Tue, Mar 9, 2010 at 8:21 AM, Dobbins, Roland <rdobbins@...or.net> wrote:

>
> On Mar 9, 2010, at 11:01 PM, <Valdis.Kletnieks@...edu> wrote:
>
> > Oh, I didn't say they didn't exist.
>
> A good way to get started w/scalable DDoS mitigation is to implement S/RTBH
> on one's hardware-based edge routers, and then make use of open-source
> NetFlow tools for visibility.
>
> There are commercial solutions as well - in the interests of full
> disclosure (pardon the pun, heh), I work for a vendor of such intelligent
> DDoS mitigation (IDMS) solutions.
>
> These slides may be of interest in hardening/leveraging one's network
> infrastructure and gaining the ability to
>  detect/classify/traceback/mitigate DDoS:
>
> <http://files.me.com/roland.dobbins/k54qkv>
>
> <http://files.me.com/roland.dobbins/prguob>
>
> <http://files.me.com/roland.dobbins/k4zw3x>
>
> <http://files.me.com/roland.dobbins/dweagy>
>
> There was also a relevant talk at the latest NANOG (a synopsis of
> discussions on nanog-l and cisco-nsp):
>
> <http://www.nanog.org/meetings/nanog48/presentations/Monday/Kaeo_FilterTrend_ISPSec_N48.pdf>
>
> and other relevant presentations at various NANOGs in the past.
>
> To answer the previous respondent's question, Cisco acquired Riverhead and
> its Guard in early 2004:
>
> <http://www.cisco.com/en/US/prod/collateral/modules/ps2706/end_of_life_c51-573493.html>
>
> I also highly recommend this book by Dave Smith and Gregg Schudel of Cisco
> - it's the best (and only!) book on real-world opsec out there, available in
> dead-tree, Kindle, and Adobe Reader formats:
>
> <http://www.amazon.com/Router-Security-Strategies-Securing-Network/dp/1587053365/ref=sr_1_1?ie=UTF8&s=books&qid=1262667257&sr=8-1>
>
> [Full disclosure again; I'm cited in the book, but received and continue to
> receive no remuneration of any kind due to same.]
>
> But before going the commercial route, folks should work on hardening their
> hosts/OSes/apps and leveraging their existing infrastructure and open-source
> as noted in the presentations above - in many cases, this is all that's
> needed, as outlined here:
>
> <http://mailman.nanog.org/pipermail/nanog/2010-January/016747.html>
>
> -----------------------------------------------------------------------
> Roland Dobbins <rdobbins@...or.net> // <http://www.arbornetworks.com>
>
>    Injustice is relatively easy to bear; what stings is justice.
>
>                        -- H.L. Mencken
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
http://www.miami-criminallaw.com/practice-areas/cyber-crimes
