WANTED: ISPs with DDoS defense solutions

• Previous message (by thread): WANTED: ISPs with DDoS defense solutions
• Next message (by thread): WANTED: ISPs with DDoS defense solutions
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 6 Aug 2003, Paul Vixie wrote:

>
> > More and more there is less and less spoofing, its just not required and
> > it causes more damage with less effort :( Why spoof when you have 1000
> > machines pumping 1 packet per second? (or 10)
>
> leaving the spoofing option open for future generations of attacks,
> rather than having a witch-hunt and tracking down and upgrading every
> insecure edge, is just about the worst thing we could do.  because
> when an attacker wants an extra edge, they'll add spoofing to their
> attack profile, and the core's immune system will be totally unprepared.

I don't believe I ever said that the edges shouldn't filter... did I?

• Previous message (by thread): WANTED: ISPs with DDoS defense solutions
• Next message (by thread): WANTED: ISPs with DDoS defense solutions
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]