New Denial of Service Attack on Panix
Paul Ferguson
pferguso at cisco.com
Tue Sep 17 18:57:42 UTC 1996
I would personally like to see this topic added as an agenda item at
the upcoming Ann Arbor NANOG meeting. At least a brief discussion of
conventional wisdom (filter on valid source prefixes at periphery, etc.)
should be in order.
- paul
At 04:14 PM 9/16/96 -0700, Kent W. England wrote:
>Dear NANOG/IEPG Folks;
>
>As you should know by now from reading the papers, Panix, the first ISP in
>NYC, has come under a new denial of service attack. The Wall Street Journal
>quoted Bill Cheswick to the effect that the attack is "unstoppable". Almost,
>but not quite, true.
>
>It's true that there isn't anything that Panix can do on its own to stop
>this attack. It's true that it would be hard to verify source addresses at
>MAEs and NAPs. But we could all verify source addresses at the first hop
>entry points. And get default route and unauthorized transit protection to
boot.
>
>I'd like to know what the community thinks can be done to deal with an
>escalation of these attacks should this occur. Are you doing any source
>address verification now? Are you doing anything to help Panix? Could you?
>
>How seriously do you take this threat? If Panix were to go out of business
>and Bob Metcalfe wrote a column on it, ( :-) do you think we would have to
>deal with it together then, or can we sit tight and expect it to blow over?
>After all, it's easy to dump chemicals in the reservoir, but we still drink
>the water, right?
>
>Thanks.
>
>--Kent
>
>
>~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~
>Kent W. England Six Sigma Networks
>1655 Landquist Drive, Suite 100 Voice/Fax: 619.632.8400
>Encinitas, CA 92024 kwe at 6SigmaNets.com
>Experienced Internet Consulting ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~
>
>
>
More information about the NANOG
mailing list