Real-Time Mitigation of Denial of Service Attacks Now Available With AT&T
Christopher L. Morrow
christopher.morrow at mci.com
Thu Jun 3 15:25:11 UTC 2004
On Thu, 3 Jun 2004, Erik Haagsman wrote:
>
> On Wed, 2004-06-02 at 19:32, Jeff Aitken wrote:
> > On Wed, Jun 02, 2004 at 06:00:38PM +0200, Erik Haagsman wrote:
> > > Only very small ISPs relying on 36xx's or multilayer switching instead
> > > of larger, more powerful might be still valid cases where ACL's are a
> > > problem.
> >
> > Interesting assertion. Care to support it?
>
> It's not unusual for smaller ISP's and small hosting companies to rely
> on low-spec equipment that can just deal with normal traffic flows, but
> start falling apart when a traffic spike hits and access lists are
> present. As an example, take a lower end IronCore Foudry switch with a
Or, look at some examples in the 6500 family even, not really a 'low end'
switch, but still able to fail spectacularly under abnormal conditions.
(provided you don't have super new Sup720 and other wizz-bang-foo hot off
the presses)
-Chris
More information about the NANOG
mailing list