GRC rides again...

Roeland Meyer rmeyer at mhsc.com
Tue Jul 3 05:10:49 UTC 2001


> From: Ron Buchalski [mailto:rbuchals at hotmail.com]
> Sent: Monday, July 02, 2001 7:52 AM

> It may be possible for the features of qos to help limit the 
> extent of the 
> attack, but with no predictability of where the attack 
> sources or attack 
> destinations are, you'd either need to apply qos when the 
> attack occurs 
> (reactive), or deploy it EVERYWHERE, on ALL provider's 
> networks (intensely 
> proactive).  I doubt that anyone has the time or effort to 
> deploy worldwide 
> qos in order to stop random (and small, compared to overall 
> traffic) dos 
> attacks.

This WAS the idea, thanks for pointing out the weakness. Basically, yet
another means to filter. But, too much work to implement. According to this,
it wouldn't scale.



More information about the NANOG mailing list