Advanced Countermeasures to prevent a Ddos

• Previous message (by thread): Advanced Countermeasures to prevent a Ddos
• Next message (by thread): Advanced Countermeasures to prevent a Ddos
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 20 Jul 2001, Hank Nussbacher wrote:

> 
> At 16:38 19/07/01 -0400, you wrote:
> 
> It all hinges on your upstream ISPs.  The things to ask for are:
> 
> - SYN and ICMP rate limiting:  If you buy a T3 from your upstream, you 
> should ask that they place on *their* peering routers and on the router 
> facing you, Cisco rate limits of about 512kb/sec of ICMP and about 
> 128kb/sec of SYNs.  Pay extra if need be.

This means I only need a modem to synflood your network out of order.
Rate-limits are only worthwhile for 'well behaved' flows, DoS is by
definition NOT well-behaved.

• Previous message (by thread): Advanced Countermeasures to prevent a Ddos
• Next message (by thread): Advanced Countermeasures to prevent a Ddos
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]