engineering --> ddos and flooding

Jared Mauch jared at
Thu May 31 22:06:36 UTC 2001

	There is some work going on in IETF (itrace) to trace these
attacks back even w/ spoofed ips, etc..

	There are currently no "poison" bgp updates you can send upstream
to get them to blackhole the traffic.

	- Jared

On Thu, May 31, 2001 at 05:59:18PM -0400, Andrew Dorsett wrote:
> Hey, this is a technical question for all of the Network 
> Engineers/Architects on the list.  Has a method been found to stop an 
> incoming attack?  Granted you can filter the packets to null on the router, 
> but that doesn't stop them from coming across the wire and into the 
> router.  Has a way been devised to stop them from coming into the router; 
> via something like a BGP update to null the packets or what?  I'm concerned 
> about a flood that is so massive coming from the core and flooding a small 
> T1 or less.
> Thanks,
> Andrew
> ---
> <zerocool at>
> ICQ: 2895251
> Cisco Certified Network Associate
> Development Assistant: Netpath/Stratonet, Inc.
>                         (
>                         Email: dorsett at
> "Learn from the mistakes of others. You won't live long enough to make all 
> of them yourself." -- Unknown
> "YEEEHA!!! What a CRASH!!!" -- Random System Administrator

Jared Mauch  | pgp key available via finger from jared at
clue++;      |  My statements are only mine.

More information about the NANOG mailing list