ICANN Targets DDoS Attacks

• Previous message (by thread): ICANN Targets DDoS Attacks
• Next message (by thread): ICANN Targets DDoS Attacks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

{ this is one "snappy" mailing  list :o) }......

I meant, where can I find the people bouncing ideas on this topic....

-rgds
Alok

----- Original Message -----
From: <bmanning at beguile.ip4.int>
To: David Conrad <david.conrad at nominum.com>
Cc: <bmanning at vacation.karoshi.com>; alok <alok.dube at apara.com>;
<cjclark at alum.mit.edu>; <Valdis.Kletnieks at vt.edu>; nanog <nanog at merit.edu>
Sent: Tuesday, November 05, 2002 5:58 AM
Subject: Re: ICANN Targets DDoS Attacks



ok, so i exploited the ambiguity in the original question.
wrt "active" - there is a sub-group from within the RSSAC
members that seems to be exchanging email on a regular basis
on various response vectors to either diffuse an attack (anycast)
or repel an attack (rate-limits).




On Mon, Nov 04, 2002 at 09:08:44AM -0800, David Conrad wrote:
> Just to be clear:
>
> (a) RSSAC is not an IETF working group.  It is an ICANN thing and not open
> to the public (last I heard)
>
> (b) "active" in this context must be using a definition of that term that
> I'm unfamiliar with.
>
> Rgds,
> -drc
>
> On 11/4/02 3:47 PM, "bmanning at vacation.karoshi.com"
> <bmanning at vacation.karoshi.com> wrote:
>
> >
> >
> > yes.  this is a topic of active discussion within
> > the RSSAC.
> >
> >
> >>
> >>
> >> is any active working group persuing this matter seriously?
> >>
> >> -rgds
> >> Alok
> >> ----- Original Message -----
> >> From: alok <alok.dube at apara.com>
> >> To: <cjclark at alum.mit.edu>; <Valdis.Kletnieks at vt.edu>
> >> Sent: Saturday, November 02, 2002 4:26 AM
> >> Subject: Re: ICANN Targets DDoS Attacks
> >>
> >>
> >>
> >>
> >>> The first, dropping broadcasts destined to your customers, is possibly
> >>> doable, but not trivial.
> >>
> >> ------> IGP learnt networks .. a small tweaky bit which learns
broadcast
> >> addresses via the networks in the IGP wud help (again summarization wud
make
> >> it bad)
> >>
> >>> The second, catching all broadcasts coming
> >>> in, out, or just passing through, is pretty much impossible.
> >>
> >> -----> a very small percentage cud be blocked if u were willing to link
this
> >> to BGP learnt networks..at least those are "complete networks", not
> >> subnetted....
> >>
> >> ofcourse its a very small portion, mebbe u cud ask guys to send more
> >> specific BGP routes from now....
> >>
> >> -A
> >>
> >>
> >>
> >>
> >>
> >

• Previous message (by thread): ICANN Targets DDoS Attacks
• Next message (by thread): ICANN Targets DDoS Attacks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]