DDOS prevention offensive.

Roeland Meyer rmeyer at mhsc.com
Thu Jul 12 21:57:29 UTC 2001



> From: Jason Slagle [mailto:raistlin at tacorp.net]
> Sent: Thursday, July 12, 2001 10:19 AM
> 
> On Thu, 12 Jul 2001, Bill Larson wrote:
> 
> > Well to sum it up in one sentence. If you eliminate the 
> bogus addresses, you
> > can then target the actual zombie machines used to attack 
> the site and
> > eventually eliminate the risk via patching or null route 
> them. So filtering
> > bogus addresses, non-routable addresses, and the addresses, 
> which do not
> > belong to your net blocks, would serve to combat the denial 
> of service
> > attacks.
> 
> 
> I believe the attacks in question are actually non-spoofed.
> 
> It's getting the source networks to remove the boxes that is the
> problem.  Most of them are .edu.

Aha! I knew there was a reason that I filter EDU <g>.



More information about the NANOG mailing list