Few questions to the american ISPs [Re: DDOS anecdotes]

• Previous message (by thread): DDOS anecdotes
• Next message (by thread): Few questions to the american ISPs [Re: DDOS anecdotes]
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

It's nice story, but nothing new except XT/2000 options allowing to generate SRC
address.

But when (at last) it happen:

- use WFQ over all custiomer's links (if you have WFQ no such brute attack
succeed, it only slow you down but does not block you);
- Cisco force all IP fragments to be queued into the single WFQ query and allow
filtering of the FRAGMENTS
- any big ISP have skilled security person available. When I worked in Russia, it
took 10 - 15 minutes to contact your ISP and install such filters; for EUnet, it
took 20 minutes; for TELIA, it was the same. For any amertican ISP, it took a week
(UUnet was an exception)...
- all cable providers will have src address filters, so preventing src address
frauding.

It was discussed 5 years ago; it was discussed 2 years ago; it's discussed today.
When something change?


Alexei Roudnev

----- Original Message -----
From: "Sean M. Doran" <smd at clock.org>
To: <nanog at merit.edu>
Sent: Saturday, June 23, 2001 8:30 AM
Subject: DDOS anecdotes


>
>
> Some of you may find http://grc.com/dos/grcdos.htm
> very interesting.
>
> Sean.
>

• Previous message (by thread): DDOS anecdotes
• Next message (by thread): Few questions to the american ISPs [Re: DDOS anecdotes]
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]