Is there a line of defense against Distributed Reflective attacks?
Brad Laue
brad at brad-x.com
Fri Jan 17 04:56:39 UTC 2003
Christopher L. Morrow wrote:
>
> On Thu, 16 Jan 2003, Brad Laue wrote:
>
>
[ .. ]
>
>
> Doesn't ECN depend on 'well behaved' traffic? In other words, wouldn't it
> require the hosts sending traffic to slow down? So... even if the hosts
> slowed down, 10,000 hosts still is a high traffic rate at the end point.
> :(
>
Good point.
I suppose another basic but effective method of prevention would be
egress filtering. An increasing minority of network providers are
instituting it, but it doesn't seem like it will be a widespread thing
in the near-term.
--
// -- http://www.BRAD-X.com/ -- //
More information about the NANOG
mailing list