snarfsmojo_2827
Aug 04, 2016Nimbostratus
stop DoS attack when originator is behind carrier grade NAT
Hypothetical Scenario : I have a web server on the internet. I notice a DoS attack happening against this server. My first instinct is to blacklist the IP address of the originator at the edge of my network, but I come to find out that the IP of the originator is actually part of an ISPs carrier grade NAT. If I blacklist the IP address at the edge of my network, thousands of legitimate customers will not be able to get to my website.
Question: What F5 product/technology could be used to stop a DoS attack, when the originator is behind carrier grade NAT, without disruption of service to other customers?