DDOS attacks and Large ISPs doing NAT?
Mansey, Jon
Jon_Mansey at verestar.com
Thu May 2 18:06:33 UTC 2002
That would come under the heading of a virus or trojan I believe. And sure
there is no reason a NAT'd cell phone couldnt participate in this type of
attack.
The DDOS discussion is specifically referring to a "live" syn or syn/ack
attack from hosts that respond to connection requests. A NAT'd cell phone
wont, cant ever, respond to an unsolicited connection request.
jm
> -----Original Message-----
> From: Gary E. Miller [mailto:gem at rellim.com]
> Sent: Thursday, May 02, 2002 11:00 AM
> To: Mansey, Jon
> Cc: nanog at merit.edu
> Subject: RE: DDOS attacks and Large ISPs doing NAT?
>
>
> Yo Jon!
>
> On Thu, 2 May 2002, Mansey, Jon wrote:
>
> > To merge these 2 great threads, it is the case is it not
> that NAT is a
> > great way to avoid DDOS problems. I don't even want to imagine what
> > the billing/credit issues would be like if your always-on
> phone with a
> > real IP is used as a zombie in a DDOS. "Hey I didn't use all that
> > traffic last month....etc etc"
>
> Who says a NATed host can not be a zombie? Get the NATed
> host to read an email virus. The virus then coonects to an
> IRC channel that tells the zombie when to spew.
>
> Each phone would not spew much, but imagine you got 100M
> phones to do your DDoS for you...
>
> RGDS
> GARY
> --------------------------------------------------------------
> -------------
> Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
> gem at rellim.com Tel:+1(541)382-8588 Fax: +1(541)382-8676
>
>
More information about the NANOG
mailing list