DDOS prevention offensive.
Rob Thomas
robt at cymru.com
Thu Jul 12 17:03:43 UTC 2001
] Discuss the effect that wide spread filtering against spoofed
] addresses would have on the current number of DDOS attacks.
I performed a statistical analysis of a collection of log files
from one oft-targeted site. The data therein revealed that 68%
of all the naughty packets contained obviously bogon source
addresses (e.g. 127/8).
I wouldn't extrapolate this analysis to fit all sites. I see
more than enough DoS attacks were the source is not spoofed. I
do think such filtering would go a long way towards mitigating
DDoS attacks.
--
Rob Thomas
http://www.cymru.com/~robt
cmn_err(CE_PANIC, "Out of coffee...");
More information about the NANOG
mailing list