DDOS prevention offensive.

Rob Thomas robt at cymru.com
Thu Jul 12 17:03:43 UTC 2001

] Discuss the effect that wide spread filtering against spoofed
] addresses would have on the current number of DDOS attacks.

I performed a statistical analysis of a collection of log files
from one oft-targeted site.  The data therein revealed that 68%
of all the naughty packets contained obviously bogon source
addresses (e.g. 127/8).

I wouldn't extrapolate this analysis to fit all sites.  I see
more than enough DoS attacks were the source is not spoofed.  I
do think such filtering would go a long way towards mitigating
DDoS attacks.

Rob Thomas
cmn_err(CE_PANIC, "Out of coffee...");

More information about the NANOG mailing list