Source address validation (was Re: UUNet Offer New Protection
Paul Vixie
vixie at vix.com
Sun Mar 7 07:29:54 UTC 2004
sean at donelan.com (Sean Donelan) writes:
> > Try saying that after running a major DDoS target, with "HIT ME" your
> > forehead. No offense Sean but I'd like you to back your claim up with
> > some impirical data first.
>
> Has the number of DDOS attacks increased or decreased in the last few
> years has uRPF has become more widely deployed?
the number of spoofed-source attacks is down only-slightly.
> Do you have any evidence the number of attacks are decreasing?
the overall number of attacks and their volume seems to be decreasing
ever-so-slightly, but the ferocity of the attacks that come through seems
to be increasing more-than-slightly.
and, when defending against one of these, every valid source address is
worth its figurative weight in gold, and constitutes a minor compromise
for the attacker, even if the host it helps to identify is disposable,
easily replaced, and difficult to repair.
[ of course, sean, i could just be making that part up. but since i keep
saying it and since i get attacked pretty frequently, i might be telling
the truth. it could be worth assuming a little credibility and seeing
where that leads you. (but, we digress.) ]
--
Paul Vixie
More information about the NANOG
mailing list