ICANN Targets DDoS Attacks
Jeff Shultz
jeffshul at wvi.com
Tue Oct 29 21:03:52 UTC 2002
*********** REPLY SEPARATOR ***********
On 10/29/2002 at 3:54 PM Jared Mauch wrote:
>On Tue, Oct 29, 2002 at 12:48:39PM -0800, Jeff Shultz wrote:
>>
>>
>>
>> *********** REPLY SEPARATOR ***********
>>
>> On 10/29/2002 at 3:40 PM Valdis.Kletnieks at vt.edu wrote:
>>
>> >On Tue, 29 Oct 2002 22:25:44 +0200, Petri Helenius <pete at he.iki.fi>
>> said:
>> >
>> >> Why would you like to regulate my ability to transmit and receive
>> data
>> >> using ECHO and ECHO_REPLY packets? Why they are considered
>> >> harmful?
>> >
>> >Smurf.
>> >
>>
>> Okay. What will this do to my user's ping and traceroute times, if
>> anything? I've got users who tend to panic if their latency hits
250ms
>> between here and the moon (slight exaggeration, but only slight).
>>
>> I just love it when I've got people blaming me because the 20th hop
on
>> a traceroute starts returning * * * instead of times.
>
> that's icmp ttl expired messages.
I know that, and I try to explain it to my customers... but it doesn't
answer the first part of the question - what will throttling ICMP do to
ping and traceroute times? My gut reaction is that it will a. slow them
down and/or b. discard a lot of them making the circuit look unreliable
to ping. But I don't know enough about the underlying technology to be
sure of that.
--
Jeff Shultz
Network Support Technician
Willamette Valley Internet
Not speaking for anyone but myself here.
More information about the NANOG
mailing list