Is there a line of defense against Distributed Reflective attacks?
Michael Lamoureux
lamour at mail.argfrp.us.uu.net
Fri Jan 24 02:47:04 UTC 2003
"alex" == alex <alex at yuriev.com> writes:
>> > > Sure, but this like all other attacks of this sort can be
>> > > tracked... and so the pain is over /quickly/ provided you can
>> > > track it quickly :) Also, sometimes null routes are ok.
>> >
>> > How quickly is quickly? Often times as has been my recent
>> > experience (part of my motivation for posting this thread) the
>> > flood is over before one can get a human being on the phone.
>>
>> Once the call arrives and the problem is deduced it can be tracked
>> in a matter of minutes, like 6-10 at the fastest...
alex> So if one wants to create a really nasty, largely untrackable
alex> problem, one just needs to mount a set of attacks that last 3-4
alex> minutes at a time?
Sure, that's one way to make it difficult.
alex> This is a very bad band-aid. The solution is amazingly simple -
Just to be clear, the solution to WHAT is amazingly simple?
alex> make it uneconomical to have unprotected networks,
For whom to have unprotected networks? What constitutes a protected
network? How does one make it uneconomical enough?
wondering,
Michael
More information about the NANOG
mailing list