Is there a line of defense against Distributed Reflective attacks?

David G. Andersen dga at lcs.mit.edu
Fri Jan 17 06:29:54 UTC 2003


On Fri, Jan 17, 2003 at 01:11:14AM -0500, David G. Andersen mooed:
> 
>   b)  Ioannidis and Bellovin proposed a mechanism called "Pushback"
>       for automatically establishing router-based rate limits to
>       staunch packet flows during DoS attacks.
>       [NDSS 2002, "Implementing Pushback:  Router-Based Defense
>        Against DDoS Attacks"]

  I should have been a bit more accurate here.  The proposal for
pushback is actually earlier than the implementation paper I cited above:

  "Controlling High Bandwidth Aggregates in the Network.  Ratul Mahajan,
   Steven M. Bellovin, Sally Floyd, John Ioannidis, Vern Paxson, and Scott
   Shenker.  July, 2001."

and it also included an internet-draft:

  http://www.aciri.org/floyd/papers/draft-floyd-pushback-messages-00.txt

I believe that Steve Bellovin gave a talk about it at NANOG 21:

  http://www.research.att.com/~smb/talks/pushback-nanog.pdf

  -Dave (I'll learn not to send mail past midnight some day)

-- 
work: dga at lcs.mit.edu                          me:  dga at pobox.com
      MIT Laboratory for Computer Science           http://www.angio.net/
      I do not accept unsolicited commercial email.  Do not spam me.


