DDOS anecdotes

• Previous message (by thread): DDOS anecdotes
• Next message (by thread): Few questions to the american ISPs [Re: DDOS anecdotes]
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

What I fear the "easy solution" for the cable modem and ILEC DSL providers 
(i.e. the only ones who will be left selling DSL after Tauzin and Dingell 
have their way with Covad and company) is severe suppression of outbound 
bandwidth. For those who run personal servers on ADSL and cable lines, 
and who either (a) can't afford SDSL or (b) aren't in DSL range at all, 
life will be just a little bit harder.

-C

On Sat, Jun 23, 2001 at 02:49:34PM -0400, Deepak Jain wrote:
> 
> 
> I admit I only made it through half of this guy's page. And barring some of
> the reactionary speech, I was able to pull some technical content.
> 
> 
> My question, is this news to anyone?
> 
> The capabilities of machines will continue to improve, the capabilities of
> networks will continue to improve [Moore's Law]. (Per my own rule of
> internet problem solving..) IFF the problem becomes a crisis, massive action
> will take place (similar to the spam problems in '97) to bring the abuse  to
> a manageable level. This might be egress filtering at aggregation routers. I
> know most large networks use automated configuration management for their
> gear, and setting ingress filters from their PPPoE, PPPoA, and dial-up pools
> that only accept addresses from the likely pool of DHCP addresses wouldn't
> be too hard and probably a huge first step.
> 
> I think most attacks (currently) are manageable either in their frequency or
> their ability to be filtered. IRC servers are an exception, and why many
> providers will not waste resources hosting small IRC servers.
> 
> If the problem becomes severe, end-user address filtering will be the
> biggest single difference. One can draw examples from dialup providers (like
> MSN) filtering all attempts to connect to port 25 outbound from their dialup
> pool(s). And the corresponding drop in abuse, not just from them, but as a
> percentage of the whole.
> 
> Spamming/attacking will then be left to the world of corporate internet
> connections and university dorms the way god intended. :)
> 
> Deepak Jain
> 
> 
> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu]On Behalf Of
> Sean M. Doran
> Sent: Saturday, June 23, 2001 11:31 AM
> To: nanog at merit.edu
> Subject: DDOS anecdotes
> 
> 
> 
> 
> Some of you may find http://grc.com/dos/grcdos.htm
> very interesting.
> 
> 	Sean.
> 

-- 
---------------------------
Christopher A. Woodfield		rekoil at semihuman.com

PGP Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB887618B

• Previous message (by thread): DDOS anecdotes
• Next message (by thread): Few questions to the american ISPs [Re: DDOS anecdotes]
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]