DNS issues various

Daniel Senie dts at senie.com
Fri Oct 25 07:48:54 UTC 2002


At 04:51 PM 10/24/2002, Kevin Houle wrote:
>--On Thursday, October 24, 2002 04:30:20 PM -0400 "David G. Andersen" 
><dga at lcs.mit.edu> wrote:
>
>>Until the default behavior of most systems is to block spoofed packets,
>>it's going to remain a problem.
>
>I assert this is not the case. A significant percentage of DDoS attacks use
>legitimate source IP addresses. When there are thousands of throw-away hosts
>in the attack network, the difficulty of traceback and elimination remains,
>and so does the problem.
>
>Yes, blocking spoofed packets helps. But it is not an end-game.

It provides the identity of the party to sue for negligence, should the 
damage elsewhere be severe. In large networks, it would behoove 
administrators to establish ingress filters on the routers connecting 
subnets, so that they can further limit spoofing or help trace the party 
involved.
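
Added example, not part of the original message: a sketch of the per-subnet ingress filtering suggested in the reply above, showing that a spoofed source is either dropped or confined to the sender's own subnet, which narrows a trace to one router interface. The interface names, subnets and packets are constructed for illustration.

```python
import ipaddress

# Constructed topology (assumption): internal router interface -> attached subnet.
INTERFACE_SUBNETS = {
    "ge-0/0/1": ipaddress.ip_network("192.0.2.0/26"),
    "ge-0/0/2": ipaddress.ip_network("192.0.2.64/26"),
    "ge-0/0/3": ipaddress.ip_network("198.51.100.0/24"),
}

def ingress_check(interface, src_ip):
    """Return (verdict, note) for a packet arriving on an internal interface."""
    subnet = INTERFACE_SUBNETS.get(interface)
    if subnet is None:
        return ("drop", "unknown interface")  # fail closed
    try:
        src = ipaddress.ip_address(src_ip)
    except ValueError:
        return ("drop", "malformed source address")
    if src in subnet:
        # A host may still forge a neighbour's address, but only inside this
        # subnet, so the source address still identifies the segment.
        return ("permit", f"source within {subnet}")
    return ("drop", f"spoofed source; sender is on {subnet} behind {interface}")

def audit(packets):
    """Count dropped packets per interface to show which subnet to investigate."""
    drops = {}
    for interface, src_ip in packets:
        verdict, _ = ingress_check(interface, src_ip)
        if verdict == "drop":
            drops[interface] = drops.get(interface, 0) + 1
    return drops

# Constructed sample traffic: (arrival interface, claimed source address).
SAMPLE_PACKETS = [
    ("ge-0/0/1", "192.0.2.10"),     # legitimate
    ("ge-0/0/2", "203.0.113.5"),    # forged external address
    ("ge-0/0/2", "192.0.2.10"),     # forged address from a neighbouring subnet
    ("ge-0/0/3", "198.51.100.77"),  # legitimate
    ("ge-0/0/2", "192.0.2.99"),     # legitimate
]

if __name__ == "__main__":
    for iface, src in SAMPLE_PACKETS:
        print(iface, src, *ingress_check(iface, src))
    print("drops per interface:", audit(SAMPLE_PACKETS))
```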



