SYN floods (was: does history repeat itself?)
Dima Volodin
dvv at sprint.net
Mon Sep 9 18:29:00 UTC 1996
And let's stop fooling ourselves with all those firewalls and other
security toys - what we really need is cooperation among ISPs and world
peace.
Cheers
Dima
Michael Dillon writes:
>
> On Mon, 9 Sep 1996, Perry E. Metzger wrote:
>
> > PANIX, a large public access provider in New York, was badly hit with
> > SYN flood attacks from random source addresses over the last few
> > days. It nearly wrecked them.
> >
> > I think its time for the larger providers to start filtering packets
> > coming from customers so that they only accept packets with the
> > customer's network number on it.
>
> I disagree. A better way to do this would be for providers to cooperate to
> track down the people who are doing it and make sure to flood the media
> with press releases when the culprits are arrested. If the cracker
> wannabe's realize that source-spoofed SYN attacks can still be quickly
> traced, they will stop doing it.
>
> And the cooperation would do the net some good; maybe lead to more
> cooperation down the line.
>
> Michael Dillon - ISP & Internet Consulting
> Memra Software Inc. - Fax: +1-604-546-3049
> http://www.memra.com - E-mail: michael at memra.com
>
>
More information about the NANOG
mailing list