I don't need no stinking firewall!
Jared Mauch
jared at puck.nether.net
Wed Jan 6 13:42:37 UTC 2010
On Jan 6, 2010, at 3:12 AM, Dobbins, Roland wrote:
> Wrong. The attacker just programmatically generates semantically-valid traffic which is indistinguishablle from real traffic, and crowds out the real traffic.
>
> All those fancy timers and counters and what-not don't matter.
>
> I've seen it done over and over again. Why some folks seem to think this is theoretical or that I somehow haven't thought of something they think will prove to be a magic solution is really beyond me, heh.
The reality is they just have not been attacked yet, and hence have no experience in what to do about the problem...
- Jared
More information about the NANOG
mailing list