SYN floods continue

• Previous message (by thread): SYN floods continue
• Next message (by thread): SYN floods continue
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I must say that I agree about the SYN floods being a huge problem.  A lot
of our customers are getting "attacked" as well as possibly some of our
machines.

While I despise the "death of the net" phrase, I agree something must be
done.  But a few filters in a few core routers in a few small ISPs will have
a null effect on the situation.  

Until this problem becomes gigantic enough that it affects large networks
such as MCI, Sprint, UUNet, etc. I don't predict much will be done.  
So I presume the best we can hope for is that..  and this may sound a bit
nasty..  that the bigger networks start getting attacked.  That is the only
way there will be a call to arms.

Rob
Exodus Communications Inc.
> We got hit again tonight. This time on seven different machines- three
> mail hosts, two news machines, our web site, and VTW's web site (we
> provide all service for VTW).
> 
> I am simply amazed that anyone would attack VTW. Even the shmuck who's
> attacking us benefits from VTW's work. Why would anyone attack them?
> 
> Anyway. Point is this: We can't take too much more of this, nor can our
> customers. I have yet to hear *anyone* come up with any ideas even remotely
> reasonable for how to deal with this situation, long term, except for the
> filtering that Avi, Perry, and I have been promoting these last few days.
> 
> Whether or not existing equipment can handle the job is *IRRELEVANT*. If
> it won't, new equipment must be bought. The net won't survive without it.
> 
> (And yes, I've been hearing "death of the net" predictions for longer than
> most readers of this list have been on the net. This could really be it.)
> 
> /a
> 

• Previous message (by thread): SYN floods continue
• Next message (by thread): SYN floods continue
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]