-site must be under crippling attack
-The CPU on the CR MUST be under-60%
-The CPU MUST Remain under ~60% once the filter is in place(particularly if
the attack is still going on - if the CPU spikes above 60%, remove the filter)
-the filter must be removed as soon as the attack is over or , in the case
of batches of heavy attacks(15 minute-long attacks twice an hour or
something semi-erratic like that) within 24 hours.
Globix - 24h or until the attack goes away, rate-limit and filters as
permament solution only.
GlobalCrossings - can place permament filters, have flexible communities
to fight this kind of thing if you have a portable block. rate-limit for
ICMP by default for every T3+ or E/FE+ customers (not for T1/E1)
UUNet - temp. solution only until the attack goes away unless you're premium
customer and worked out this in the contract/service order
(requires to have full T3+;)
Sprint - no permanent, only if you have an OC3 and have a very good sales
rep, or if you know the right people in the right place to get a permanent
Teleglobe - 24h only to my knowledge, unless work out some sort of solution,
last time I checked they don't place CAR.
InterNAP - no CAR, no permanent filters on their side, only 24h or until the
attack goes away.
C&W - no permament unless in the contract or you know the right person.
Time & Warners - 24h, unless you work this in the contract.
куча провайдеров поменяли свои AUPs, добавии такие вот пункты:
Any conduct which violates the accepted norms and expectations of
the Internet community at large (whether or not detailed in this
Acceptable Use Policy). Genuity reserves the right, in its sole
discretion, to make a determination whether any particular conduct
violates such norms and expectations.
Any conduct that restricts or inhibits any other user, whether a customer of
Genuity or a user of any other system or network, from using or
enjoying any of Genuity's services or products, as determined
by Genuity in its sole discretion.
NapNet web site (now Genuity ISPD)
3. Attempts to interfere with or deny services to any user or host.
9. Any activity that potentially could harm Nap.Net's Network it's customers
networks or other networks.
7. Knowingly engage in any activities that will cause a denial-of-service
(e.g., synchronized number sequence attacks) to
any Sprint customers or end-users whether on the Sprint network or on
another provider's network.
8. Using Sprint's Products and Services to interfere with the use of the
Sprint network by other customers or authorized users.
ну и так далее, если есть вопросы по провайдерам ламерикозным либо в лист,
либо мне мылом.. ;)
"inet-admins" Internet access mailing list. Maintained by East Connection ISP.
Mail "unsubscribe inet-admins" to Majordomo@info.east.ru if you want to quit.
Archive is accessible on http://info.east.ru/rus/inetadm.html