engineering --> ddos and flooding
Jared Mauch
jared at puck.Nether.net
Thu May 31 22:06:36 UTC 2001
There is some work going on in IETF (itrace) to trace these
attacks back even w/ spoofed ips, etc..
There are currently no "poison" bgp updates you can send upstream
to get them to blackhole the traffic.
- Jared
On Thu, May 31, 2001 at 05:59:18PM -0400, Andrew Dorsett wrote:
>
> Hey, this is a technical question for all of the Network
> Engineers/Architects on the list. Has a method been found to stop an
> incoming attack? Granted you can filter the packets to null on the router,
> but that doesn't stop them from coming across the wire and into the
> router. Has a way been devised to stop them from coming into the router;
> via something like a BGP update to null the packets or what? I'm concerned
> about a flood that is so massive coming from the core and flooding a small
> T1 or less.
>
> Thanks,
> Andrew
> ---
> <zerocool at netpath.net>
> http://www.andrewsworld.net/
> ICQ: 2895251
> Cisco Certified Network Associate
> Development Assistant: Netpath/Stratonet, Inc.
> (http://www.netpath.net/)
> Email: dorsett at netpath.net
>
> "Learn from the mistakes of others. You won't live long enough to make all
> of them yourself." -- Unknown
> "YEEEHA!!! What a CRASH!!!" -- Random System Administrator
--
Jared Mauch | pgp key available via finger from jared at puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
More information about the NANOG
mailing list