Is there a line of defense against Distributed Reflective attacks?

Michael Lamoureux lamour at mail.argfrp.us.uu.net
Fri Jan 24 02:47:04 UTC 2003


 "alex" == alex  <alex at yuriev.com> writes:

>> > > Sure, but this like all other attacks of this sort can be
>> > > tracked... and so the pain is over /quickly/ provided you can
>> > > track it quickly :) Also, sometimes null routes are ok.
>> >
>> > How quickly is quickly? Often times as has been my recent
>> > experience (part of my motivation for posting this thread) the
>> > flood is over before one can get a human being on the phone.
>> 
>> Once the call arrives and the problem is deduced it can be tracked
>> in a matter of minutes, like 6-10 at the fastest...

alex> So if one wants to create a really nasty, largely untrackable
alex> problem, one just needs to mount a set of attacks that last 3-4
alex> minutes at a time?

Sure, that's one way to make it difficult.


alex> This is a very bad band-aid. The solution is amazingly simple -

Just to be clear, the solution to WHAT is amazingly simple?


alex> make it uneconomical to have unprotected networks,

For whom to have unprotected networks?  What constitutes a protected
network?  How does one make it uneconomical enough?


wondering,
Michael



More information about the NANOG mailing list