Peace,
On Sun, Aug 8, 2021, 10:06 PM Robert Raszuk <robert@xxxxxxxxxx> wrote:
> how do you protect anycast addresses from DDoS ?
> Today the most common method is to blacklist destination ip address + port(s)...
With all due respect, this is not a protection, this is the _implementation_ of the attack.
You're only protecting your lovely network from the collaterals of an attack towards a service application hosted on the network. The application itself is then basically dead. This is exactly what the attacker wants.
--
Töma
