One of the most difficult attacks to deal with is a DDOS attack, or distributed deniel of service, what can be done? well, one of the things would be to use a routing protocol named BGP...

DDOS attacks are difficult to handle because they come from a lot of sources and you cannot block an IP or subnet to stop it, in addition, even of you could block it on your firewall, these attacks congest your internet connection upto the point that no traffic runs through it (in severe attacks).

In order to accomodate with such a situation, one needs to identify the attack type and reason, such as why did it take place? what is the attackers attacking? what triggered the attack? (recent press releases by your company etc...) this information will supply you with a good starting point as of how to deal with the attack.

One way is to use an additional ISP connection and setup BGP on your border routers thus having two different channels and two different IP's to the same nnetwork, should one be congested users can always use the second one (or third fourth etc...).


For more information see this BGP related do*****ent.