Proposal for mitigating DoS attacks

jlewis at jlewis at
Sun Jul 11 15:45:02 UTC 1999

On Sun, 11 Jul 1999, Dan Rabb wrote:

> I agree that if this could be properly executed it would "mitigate" the
> effect to some parties, but at the same time, aren't you simply giving the
> attaker what he wants?  You are essentially finishing what he started by
> completing the Denial of Service.

By finishing rather quickly what the attacker started, you save the rest
of the network on the receiving end of the attack.  i.e. say some dialup
user or colocated server on your network is being smurfed.  Would you
rather the attack go on for an hour or two or three, cripling your entire
network, or sacrifice the target so that the rest of your network is

----don't waste your cpu, crack team enzo---
 Jon Lewis *jlewis at*|  Spammers will be winnuked or 
 System Administrator        |  nestea'd...whatever it takes
 Atlantic Net                |  to get the job done.
_________ for PGP public key__________

More information about the NANOG mailing list