DDOS prevention offensive.
Jason Slagle
raistlin at tacorp.net
Thu Jul 12 17:19:26 UTC 2001
On Thu, 12 Jul 2001, Bill Larson wrote:
>
> Well to sum it up in one sentence. If you eliminate the bogus addresses, you
> can then target the actual zombie machines used to attack the site and
> eventually eliminate the risk via patching or null route them. So filtering
> bogus addresses, non-routable addresses, and the addresses, which do not
> belong to your net blocks, would serve to combat the denial of service
> attacks.
I believe the attacks in question are actually non-spoofed.
It's getting the source networks to remove the boxes that is the
problem. Most of them are .edu.
--
Jason Slagle - CCNP - CCDP
Network Administrator - Toledo Internet Access - Toledo Ohio
- raistlin at tacorp.net - jslagle at toledolink.com - WHOIS JS10172
/"\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
\ / ASCII Ribbon Campaign . Interim Team Lead - . Admin -
X - NO HTML/RTF in e-mail . Coders . wombat.dal.net
/ \ - NO Word docs in e-mail . Team Lead - Exploits . DALnet IRC Network
More information about the NANOG
mailing list