Protect internet Router from ddos attack

Similar Messages

• Monitoring Internet Router from inside network

  I need help in setting this up. At the moment we are using Opmanager monitor our routers inside the network. I want to monitor our internet router sitting outside the network. Be really grate if someone can help out or point me out on how to set this up.
  Regards

  Thanks for your reply. Actually what I want is for my monitoring application sitting inside my network to monitor my internet router via SNMP. There is a FW in between
  I have tried that PRTG application and its not bad. Thanks

• My iMac was infected with a virus or malware the other night. I was told that I didn't have any firewall protection. How do I fix that? And what kind of software should I use to protect my computer from further attacks?

  I am running OS X Version 10.9.5 on n iMac I brought in 2011. Had a virus or malware attack the other night and a window opened with a # to call for help. Didn't know if I should trust the # but ended up calling it anyway and paid to have them 'fix' things. Was told I didn't have firewall protection. Am not sure if I do now. [It still says to allow all incoming connections]. So what do I do now? And what kind of antivirus program is recommended?
  Firewall

  Read "Ransomware" web pages.
  Assuming you let the scam outfit remotely control your Mac, the information on it can no longer be considered secure. Neither can the Mac itself. You should immediately shut it down and take actions to prevent or recover from identity theft, which is quite likely to have occurred. This means contacting the financial institutions and other companies that may permit access to your accounts using login names and passwords, canceling and replacing credit cards, and similar actions that only you can know.
  Determine if you can contest the charge made to your credit card for this criminal transgression.
  And what kind of antivirus program is recommended?
  None. The Mac is highly secure against malware or virus intrusion, but nothing can prevent you from willfully installing dubious software or granting remote access to criminals. No "anti-virus" software in the world will protect you from that. The OS X application firewall is not intended to prevent this sort of occurrence.

• How to protect the phone from attacks?

  Hi there,
  I just found an interesting and dangerous tool:
  http://www.getjar.com/products/15782/MagicBlueHack
  It says you can make free calls and send free SMS just by connecting to any other Bluetooth enabled mobile phone, the other phone even does not need to install this software...
  How can one protect his phone from such attacks besides turning off Bluetooth?

  Exactly. Your best line of defence is common sense.
  Firstly, don't leave bluetooth on unless you need to use it.
  When you do need it, don't leave your phone as discoverable. Leave it as "hidden". You only need it to be discoverable if trying to pair another device with it.
  If a pairing request comes in while the phone is discoverable, ask yourself if you were responsible for it. If in doubt, don't accept the request.
  Was this post helpful? If so, please click on the white "Kudos!" star below. Thank you!

• Need help please programs to stop DDOS attacks

  hi all sorry if this is off topic but i play jedi knight jedi academy multiplayer and my server and my internet connection, or my i.p i'm not sure which or if it's both but i'm being DDOSed. is there a way to stop my connection/i.p from being attacked and making my connection so slow? is there a program i can buy or download for free that will 100 percent protect my ip/connection from DDOS attacks without a question of a doubt?. thanks

  If your IP is being obtained from people on skype because they know your Skype IP then you need to enable the following.  It will protect you as long as your contacts are not the one's doing it.  If they are, they would no longer be my contacts to protect myself and on a personal level.
  If your IP is being obtained by the games you play or you are hosting a server by IP, then there really is nothing you can do.  Even if you utilize a proxy server paid or free, it will only stop you from being knocked completely offline, but won't stop your server from going down.  Only your ISP may be able to help you and all they might be able to do is block the offending party or change your IP, but that doesn't solve the end problem.  
  The real-world solution against DDoS attacks is a combination of software, hardware or cloud, offering psuedo DDoS protection, which may be out of anyone's normal/comfortable price range.  You can do a web search for DDoS protection and you may be able to find something that will work for  you.

• Routing from internal network to external (internet) - is this possible ?

  Hi all,
  I know that private IPs cannot be used on the internet. But what will be the component that is preventing it ?
  In this setup below, assuming i am assigned a /24 public ip block, but i am not going to use or assigned them (e.g. NAT), how/where will my packet from host 1 to 8.8.8.8 be dropped ?
  Regards
  Noob

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  Well, as Jon has already noted, packet is forwarded only by its destination IP.  Which means, if the original packet has only a private IP in its source address, it won't be involved in the forwarding decision.  (Again,  the source IP might still be subjected to analysis that will block the packet at some point.)
  So, your private IP will only be a routing consideration if the receiving host is trying to reply and use your original source IP as the return packet's destinations IP.  (I suspect you understand the foregoing, but I did want to insure there's no misunderstanding.)
  Ok, so if the original destination host generates a packet with a private IP for destination IP, it would be (most likely be) treated, from that host, like any other packet that host generates with a private IP in the destination.  I.e.  The network will attempt to deliver it.
  If the prefix destination is totally unknown, the packet will be dropped unless the forwarding router has a default route (or aggregate) that covers it.
  Assuming there's a local private subnet, that matches the destination, the network will deliver it to that network, and if there's a host with that actual private IP, the packet will be delivered to it.  Usually, the overlapping private IP host will drop the packet, as it won't have process expecting the packet, but it's possible, a process is might accept the packet and attempt to process it.  Then, most likely, the process will go "huh?" and drop the packet.  However, it's also possible the newly receiving host will reply to your original receiving host, i.e. those hosts will now fling packets back-and-forth, because of your original packet.  Again, this is all very unlikely normally, more so if the network isn't "sloppy", but such routing is the basis for some DDoS attacks. (For example, I place another host's IP in my packet's source IP, and then send out ping to the network broadcast IP.  Hosts receiving the ping will send a ping reply to the host I targeted.)

• Does Cisco ASA 5500 can protect DDos Attack - Sync Flood?

  Dear All,
  Anyone do you know Cisco ASA 5510 or 5520 can protect DDos attack ans sync flood ?
  I have problem on this, so how can i protect on this, some time i saw on my log like this
  "sync flood " or "ddos to xxx.xxx.xxx.xxx" the ip address random .
  Please help me to solve this issue?
  Best Regards,
  Rechard

  Hi Rechard..Those are tcp connection values
  ip inspect max-incomplete high value (default 500)---------------->embryonic connection upper threshold value
  ip inspect max-incomplete low value (default 400)-------------------->embryonic connection lower threshold value
  ip inspect one-minute high value (default 500)------------------------>total connection  in 1 minute, upper threshold
  ip inspect one-minute low value (default 400)--------------------------->total connection in 1 min, lower threshold
  ip inspect tcp max-incomplete host value (default 50) [block-time minutes (default 0)]
  Therefore by implementing IOSFW in your router and tweaking these values you may protect your internal servers from being bombwarded by SYM flood or any DOS flood, keeping in mind if there is a trrue attack then your router will proctect your internal servers however router itself will take a toll on itself, ideally to mitigate an attack the thumb rule is to mitigate by going as close to the source of the attack as possible
  you may also want to read:
  http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5710/ps1018/prod_white_paper0900aecd804e5098.html

• How do you protect yourself against DDOS attacks?

  I'm starting a new job soon for an employer who has had the occasional ddos attack against their website.
  Anyways I was wondering, how do you guys protect yourselves against ddos attacks?
  The way my employer fought against it last time was rather unelegant and a sort of lucky situation. They noticed that all the attacks came from IPs which where located in foreign countries, so they simply blocked entire ip ranges which werent from the country they were providing the service for.
  This seems like quite a drastic measure to me. After all, one goal of my employer is to become more international, and even if you cater only to local clientele, plenty of legitimate users could be across the border.
  Specifically protecting Apache against DDOS attacks is what I would be interested in.
  Can anyone suggest some software or setup I should research for this?

  A colleague of mine recently had one of his own servers under a DDOS attack. Nginx helped out a bit. But the holy grail in this case was Fail2ban.
  Now, usually a DOS would mean that massive requests are issued within a short time. Such behaviour is easily identified and blocked. But how do you react when its distributed and each individual node is issueing requests at a normal rate?
  Well in my tests I came to the conclusion that its all about the difference in typical behaviour of legitimate visitors to a site and automated requests as in the case of a DDOS attack.
  For example, while a DOS bot might not issue requests at an alarmingly high rate (slow and steady wins the race), but will continually issue requests for hours.
  So rather than trying to catch "burst" behaviour with requests crossing a certain threshold in a short amount of time, I instead configured fail2ban to check for IPs which crossed a certain threshold after an hour, and then block that IP for 24hours.
  It might take a while to find the sweet spot. And it wont be effective immediately. But with a little patience the blocklist started to fill up, and after a few hours the DDOS'ers seemed to have run out of IPs from which to attack.
  It makes sense if you think about it. A legitimate human user, will go to a site, and spend most of their time reading content, rather than klicking links. Well, usually anyways.
  Also, I've noticed that bots always seem to hit the same URL. Meaning, the main url of the site, and not selecting any links within the site. While I suppose that it would be trivial to configure a bot to act more legitimately and have it actually klick through all available links, I think it kind of defeats the purpose. Or at least most script kiddies won't go that far.
  If you know your way around with REGEXP, I'm sure you could come up with some really nicely custom-tailored rules for fail2ban to use in identifiying and blocking ips. So for example, rather than simply counting ANY connection made in the http logs, you could concentrate on IPs which only and continually access the main the url, over and over again.
  Legitimate users will most likely click on other links as well, so if you manage to exclude these kinds of accesses from Fail2ban's counting mechanism, you minimize the chance of locking out legitimate users.

• Isolate linksys router from LAN while retaining internet

  Hi guys,
  got a bit of a problem that I've spent the past 3 hours trying to nail down. My main router is a MI424WR for my FIOS connection. It serves several computers, wired and wireless. I have an old linksys BEFW11S4 router that I am trying to use with a weaker (WEP) encryption so some devices can still use internet that would not otherwise access a WAP or WAP2 access point, and since WEP is easily crackable, I would like to isolate the WEP router (linksys in this case) from the rest of the internal network, which contains shared files)
  As it stands, I have connected the WAN port of the linksys to one of the LAN ports of the MI424WR, assigned 192.168.2.1 as linksys' IP address (on a separate subnet, as the FIOS router has a 192.168.1.1 address), received a DHCP Internet address from the MI424WR, and have also enabled DHCP on the linksys router itself in order to allow client devices to get their own addresses and access the internet.
  Now, based on what I've been reading, connecting the main router's (MI424WR) LAN port to the WAN port of the linksys should create two separate LAN segments, which should separate the local networks from one another. There is obviously something I'm missing here... I am getting essentially the same result as connecting the LAN port of the FIOS router to the LAN port of the linksys router. Shouldn't there be a difference between the WAN and LAN ports in this case?
  Any help is appreciated.
  Thank you.
  Any suggestions?

  The hookup that you did will only protect the BEFW11S4 users from the MI424WR users.   It will not protect the MI424WR users from the BEFW11S4 users.
  This is because the WAN port on the BEFW11S4 only blocks unsolicited data coming into the BEFW11S4.  The WAN port does not block any outgoing data.
  The solution to your problem is this:
  MI424WR  ----  BEFW11S4
                  ----  WRT54G  (or any other wireless router of your choice)
  MI424WR  LAN port wired to BEFW11S4  Internet port.
  MI424WR  LAN port wired to WRT54G  Internet port.
  No other devices connect to MI424WR, either by wire or wirelessly.
  Turn off wireless in the MI424WR.
  All wired and wireless computers (and other secured devices) connect only to the WRT54G, which is using WPA or WPA2 and a strong password.
  In this setup, the Internet port of the WRT54G will prevent intruders from getting into your secured network on the WRT54G, even if the BEFW11S4 is compromised.
  Also the BEFW11S4 and the WRT54G should be using:
  1)  different SSIDs
  2)  different encryption methods
  3)  completely different passwords, that are in no way similar, since someone might crack your WEP password.
  4)  different channels.  There are 11 channels to pick from.   You can use any two channels, but ideally they should be 5 or more channels apart.  Channels 1, 6, and 11 usually work the best.
  Message Edited by toomanydonuts on 01-14-2010 02:04 AM

• Why can't I set up my AirPort Extreme as a wireless jumper from my Cable internet router ?

  Why can't I set up my AirPort Extreme as a wireless jumper from my Cable internet router ?

  If it "joined" my network is it extending the coverage of my wifi network ?
  Please review my previous answer in the post above......
  But, the Express does not  "extend" or "repeat" the wireless signal when it joins a network.  In other words, wireless devices cannot connect to the AirPort Express the way that you have it set up.
  If so can my Airport Extreme be set up to "join" my network and also extend the coverage of my network ?
  Again, please review my previous answer in the first reply above......
  The AirPort Extreme does not have this type of capability.
  If you have both an AirPort Extreme and an AirPort Express.....my suggestion....again, found above in a previous post.....
  It takes a minimum of two Apple routers to extend a signal using wireless.
  You could do this by connecting the AirPort Extreme to your cable router using a permanently installed Ethernet cable and then configuring the AirPort Extreme to "create a wireless network".
  Then add an AirPort Express in a location where it can pick up a strong wireless signal from the AirPort Extreme and configure the Express to "extend a wireless network".
  You would not use the wireless on your cable router at all, unless you wanted to reserve that network for guests or something similar.

• Access a webserver on a computer that has a router from the internet.

  Hi I am new to routers and wanted to get some information on how to access a webserver that is on a computer which is connected to a router. I am very confused about port forwarding. Basically lets say that the webserver is on a computer with the ip of 192.168.1.100. I want to know how to use the internet IP (either one that is auto or one that is fixed) to connect to the webserver outside of the local network from a computer on internet. I was able to do it before the router was installed. Can someone explain this to me or point me into the direction of something that is easy to understand? Thanks, Message Edited by wjriv on 03-26-2008 09:16 PM
  Message Edited by wjriv on 03-26-2008 09:16 PM

  Still having problems..   I  have configured the router to forward ports 80  (web server) to  my Linksys router address of 192.168.1.100  (which is the address for the computer that the web server is on).   I also tried DMZ to 192.168.1.100..
  I use DynDns to direct my IP address...
  I know it works, because I can access the router config from the Internet through port 8080...   But when I try to put in my DynDns or actual IP address  (for example: 100.110.10.201)   I enter it as follows:    http://100.110.10.201:80
  But I am not able to access the web server from out side of my network.
  I have also made my computer with the web server keep the IP address static.
  Are there any other things that need to be configured in the router or even in the firewall of the computer? 
  I have noticed that this has been a major issue in different forums, but I have not been successful with a solution.
  My ISP is  Bellsouth.net..   I am not sure if  they could be blocking anything..
  It actually works when I remove the router from the system and just connect it directly..  so that is telling me that there is something else that needs to be configured on the router.
  Can anyone help me or direct me to the solution?
  This is really frustrating....
  Thanks..

• On my 4gen ipod i have to move close to the internet router to get a better signal.while on my iphone and other devices they connect from anywhere in the house

  my ipod needs to get closer to a router to get a better signal and why is that.But my other devices like iphone ipad connet from anywhere in the house to our internet.how do i fix my ipod so i wont have to get close to a internet router to get a better wi-fi signal like other normal devices.

  If you have that problem with all networks that tends to indicate that the antenna connection is lose.
  http://www.ifixit.com/Guide/Installing+iPod+Touch+4th+Generation+Wi-Fi+Antenna/3 640/1

• RVS 4000 DDOS Attacks

  Hello!
  Since I got a NAS System connected to my Network (one Month ago) I get attacked every day by DDOS attacks.
  I Just set my NAS to the DMZ of my Router and opened 3 Ports for Service of QNAP.
  I assume that at this moment I got scanned and thererfore the intrusions started.
  For the last month I experianced nearly every Day Internet Connection Problems and the Router didn't respond anymore.
  As I found last week a new Firmwar-Version I updated my router, enabled IPS and applied the latest Security file.
  In the IPS Report I found loads of DDOS and Synflood attacks.
  With IPS my Router Works and I got no more problems that my Inet access is corrupted BUT now I got the Problem that my
  downloadrate sunk to 20Mbit from formerly 100Mbit.
  I already wrote my ISP about this situation and want them to change my WAN-IP Adress but they to it only in very urgent cases.
  Is there any option to operate the RVS 4000 save AND fast???

  Sorry I seem to have no access to the documentation,
  I get:
  Forbidden File or Application
  The file or application you are trying to access may require additional entitlement or you are trying to access a file with an invalid name. Additional entitlement levels are granted based on a users relationship with Cisco on a per-application basis.
  If you feel you have reached this page in error, please try one of the following methods to locate your document:
  If you are manually entering the URL into your browser location bar, be sure to include the file name of the page you are trying to access (file names typically end in .htm, .html or .shtml).
  Use the Search feature located in the upper right section of this page.
  Return to the Cisco.com Home or select a primary site area from the top navigation bar.
  Consult with your Cisco Account Manager to confirm you have the appropriate entitlement to access this page.
  If you would like to contact someone about this problem, please click on the Contacts & Feedback link below.
  Back
  Sorry to bother You again but I have to know in other words if I have extra costs for the IPS or just have to purchase the device like the RVS4000?!? I still do not understand what you mean with paid feature.
  Sorry english is not my mothertounge.

• Possible internet routing issues driving me crazy!

  I've somehow hit a problem accessing a particular favourite website and it seems I may have a routing issue.
  I've spoken with a friend who is fairly network savvy and he's suggested I raise a case \ complaint with BT. I thought I'd use this forum to test if I'm missing something I could be doing to fix it before logging a problem with BT Helpdesk!
  I've a BT Homehub 2 (Current firmware    4.7.5.1.83.3.5 (Type B) and I can access pretty much all websites I care to look at without any issue at all, however the site I read most days is now no longer viewable on any of my 2 PC's nor my iPhone. When I try to access it I  get no error messages at all just a blank white page.
  Doesn't matter if I try using IE or Firefox or Chrome browers it's the same result - I just see a blank white page.
  The site in question www.celticquicknews.co.uk (or www.celticquicknews.com) and is definitely available, as I can access it when using a site such as http://www.free-internet-organization.tk/ on both my PC's and iphone so I know the web site is up and running and available for browsing but since Thursday lunchtime I've had no joy in being to access that particular site directly wihout resorting to using another middleman site to let me view it.
  I have tweeted the guy who hosts the www.celticquicknews.co.uk site and he's said his site is fine but has numerous similar queries around BTINTERNET folks having the same issue as I'm reporting.
  I run McAfee Internet Security and having disabled the various firewall \secure browsing functions no improvement still no joy.
  I did successfully somehow connect directy to the illusive web site this morning (Sunday 1st May) on my iphone at around 10am, but by the time I boiled the kettle to have a coffeee and sit and read the site it became inaccessable again on my iphone and both my PC's! So what's going on?
  www.celticquicknews.co.uk [217.174.253.143]
  www.celticquicknews.com [217.174.253.143]
  Homehub TCP\IP info is as below which I suspect is of value to the more techincal on the forum:
  Broadband network IP address    109.152.154.29
  Default gateway    217.32.142.102
  Primary DNS    194.72.0.114
  Secondary DNS    62.6.40.162
  ADSL line status
  Connection Information
  Line state    Connected
  Connection time    0 days, 01:11:16
  Downstream    15,978 Kbps
  Upstream    1,144 Kbps
  ADSL Settings
  VPI/VCI    0/38
  Type    PPPoA
  Modulation    G.992.5 Annex A
  Latency type    Interleaved
  Noise margin (Down/Up)    5.2 dB / 6.0 dB
  Line attenuation (Down/Up)    31.0 dB / 13.8 dB
  Output power (Down/Up)    23.6 dBm / 1.7 dBm
  C:\>tracert -d 217.174.253.143
  Tracing route to 217.174.253.143 over a maximum of 30 hops
    1    <1 ms    <1 ms    <1 ms  192.168.1.254
    2    15 ms    15 ms    15 ms  217.32.142.102
    3    18 ms    17 ms    16 ms  217.32.142.142
    4    22 ms    22 ms    21 ms  213.120.163.26
    5    22 ms    20 ms    21 ms  217.32.27.30
    6    21 ms    21 ms    21 ms  217.32.27.178
    7    22 ms    21 ms    21 ms  109.159.250.78
    8    33 ms    35 ms    35 ms  109.159.250.13
    9    28 ms    28 ms    29 ms  62.172.102.1
   10    29 ms    28 ms    28 ms  195.66.224.98
   11    33 ms    34 ms    33 ms  88.208.255.61
   12    38 ms    32 ms    33 ms  88.208.255.102
   13     *        *        *     Request timed out.
   14     *        *        *     Request timed out.
   15     *        *        *     Request timed out.
   16     *        *        *     Request timed out.
   17     *        *        *     Request timed out.
   18     *        *        *     Request timed out.
   19     *        *        *     Request timed out.
   20     *        *        *     Request timed out.
   21     *        *        *     Request timed out.
   22     *        *        *     Request timed out.
   23     *        *        *     Request timed out.
   24     *        *        *     Request timed out.
   25     *        *        *     Request timed out.
   26     *        *        *     Request timed out.
   27     *        *        *     Request timed out.
   28     *        *        *     Request timed out.
   29     *        *        *     Request timed out.
   30     *        *        *     Request timed out.
  Trace complete.
  C:\>
  I've reset my HH several times over the weekend and am baffled as to how I can somehow have 1 site excluded from my browsing options for no obvious reason other than a suspected internet routing issue.
  My iPhone is on ORANGE and when disabling the wireless connection it too is unable to view the site in question so it's a real pain!
  Not sure where to go to progress this so any help \ guidance is very much appreciated.......
  Solved!
  Go to Solution.

  Appreciate the help....been out for most of the day and checked in to see if any additional posts.
  I tried pinging the site and it does seem to resolve OK and also tried accessing site via IP but same issue - blank white page.
  >ping www.celticquicknews.co.uk
  Pinging www.celticquicknews.co.uk [217.174.253.143] with 32 bytes of data:
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Then tried the telnet command "telnet 217.174.253.143 80" and I do not get any errors and as suggested the command prompt goes blank but no matter what I type I get no errors or response from server 217.174.253.143.
  My IP address has changed from this morning and sadly still same issue for me.
  Internet connection configuration
  Connection Information
  Connection time
  0 days, 10:05:37
  Data Transmitted/Received (MB)
  10.8 / 29.4
  Broadband username
  [email protected]
  Password
  Not configured
  TCP/IP settings
  Broadband network IP address
  86.147.168.198
  Default gateway
  217.32.142.102
  Primary DNS
  194.72.0.114
  Secondary DNS
  62.6.40.162
  The tracert comments make sense so that's helped me understand, thanks for checking that out.
  So what's the best option for me? Am I wasting BT and my own time logging a case?
  I'd not usually bother pursuing this for the sake of a single web site but I'm bemused how this has happened since last week?
  Thanks again for all help and guidance.
  PJ

• The growth of the internet routing table + LISP

  I have been challenged with the task of putting together a 15-20 minute presentation of how I might go about solving the problem of the growth of the internet routing table.
  If I am understanding the question correctly - as the internet grows so will the number of IPv4 and (moreso) IPv6 prefixes that appear in the global internet routing table. This will mean that the PE and P routers in a Service Provider network will find themselves having to deal with more prefixes that will in turn increase the possibility of bogons interferring with proper routing and increase the load on the routers themselves.
  Besides being a very open ended question, I am trying to look at it from the perspective of a Service Provider (whom I work for) and have come up with the following options (admittedly this is only after a quick google on the topic):
  > Improvise in the short term by adjusting CAM table allocation
  > Use selective hearing by filtering prefixes that are not important
  > Use external assistance like LISP and DNS
  > Spend Money and upgrading existing routers to handle the load
  Obviously with only a 20 minute window I cannot talk about much and I would like the options to be innnovative and interesting. LISP seems like an interesting option and I would like to learn about it - however I am having trouble tracking down resources that give a basic introduction to exactly what and how LISP works (every time I try and search for it a get pushed to sites talking about the programming language ).
  So this leads me to two questions:
  1. Is there anything important, vital or interesting that I have not included in my quickly put together list above.
  2. Is anyone aware for a good site/resource that explains LISP from a beginners/tutorial-type perspective.

  I have been challenged with the task of putting together a 15-20 minute presentation of how I might go about solving the problem of the growth of the internet routing table.
  If I am understanding the question correctly - as the internet grows so will the number of IPv4 and (moreso) IPv6 prefixes that appear in the global internet routing table. This will mean that the PE and P routers in a Service Provider network will find themselves having to deal with more prefixes that will in turn increase the possibility of bogons interferring with proper routing and increase the load on the routers themselves.
  Besides being a very open ended question, I am trying to look at it from the perspective of a Service Provider (whom I work for) and have come up with the following options (admittedly this is only after a quick google on the topic):
  > Improvise in the short term by adjusting CAM table allocation
  > Use selective hearing by filtering prefixes that are not important
  > Use external assistance like LISP and DNS
  > Spend Money and upgrading existing routers to handle the load
  Obviously with only a 20 minute window I cannot talk about much and I would like the options to be innnovative and interesting. LISP seems like an interesting option and I would like to learn about it - however I am having trouble tracking down resources that give a basic introduction to exactly what and how LISP works (every time I try and search for it a get pushed to sites talking about the programming language ).
  So this leads me to two questions:
  1. Is there anything important, vital or interesting that I have not included in my quickly put together list above.
  2. Is anyone aware for a good site/resource that explains LISP from a beginners/tutorial-type perspective.