UDP port 80 DDoS attack

bas kilobit at gmail.com
Wed Feb 8 13:03:19 UTC 2012


On Wed, Feb 8, 2012 at 10:56 AM, George Bonser <gbonser at seven.com> wrote:
> I'll put it another way. Any provider that does not police their customer traffic has no business whining about DoS problems.

Most of us prevent their customers from sending out spoofed traffic.

77% of all networks seem to think so.
http://spoofer.csail.mit.edu/summary.php

However the remaining networks allow spoofed traffic to egress their networks.

When that traffic enters my network, I have no method whatsoever to
differentiate it from any other traffic.
I could ask my upstream where they see it coming from, which will be
quite hard if they do not have pretty fancy systems.
But if they receive it from a peer, I am as good as lost in trying to
find the culprit.

Bas




More information about the NANOG mailing list