[SECURITY] Application layer attacks/DDoS attacks

Steve angst1974 at yahoo.com
Mon May 25 13:31:18 UTC 2015


Application layer DDoS attacks , in most (all?) cases require a valid TCP/IP connection, therefore are not spoofed and BCP38 is irrelevant 

Sent from Steve's iPhone 

> On May 25, 2015, at 8:00 AM, nanog-request at nanog.org wrote:
> 
> Send NANOG mailing list submissions to
>    nanog at nanog.org
> 
> To subscribe or unsubscribe via the World Wide Web, visit
>    http://mailman.nanog.org/mailman/listinfo/nanog
> or, via email, send a message with subject or body 'help' to
>    nanog-request at nanog.org
> 
> You can reach the person managing the list at
>    nanog-owner at nanog.org
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of NANOG digest..."
> 
> 
> Today's Topics:
> 
>   1. Re: [SECURITY] Application layer attacks/DDoS attacks
>      (Christopher Morrow)
>   2. Re: [SECURITY] Application layer attacks/DDoS attacks
>      (Ramy Hashish)
>   3. Re: [SECURITY] Application layer attacks/DDoS attacks (Randy Bush)
> 
> 
> ----------------------------------------------------------------------
> 
> Message: 1
> Date: Sun, 24 May 2015 23:01:50 -0400
> From: Christopher Morrow <morrowc.lists at gmail.com>
> To: jim deleskie <deleskie at gmail.com>
> Cc: Ramy Hashish <ramy.ihashish at gmail.com>, NANOG list
>    <nanog at nanog.org>
> Subject: Re: [SECURITY] Application layer attacks/DDoS attacks
> Message-ID:
>    <CAL9jLaYf7v-NG_1qGEHtHhASOD6Vea5VJCSJcWhS29GPcRuzPg at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
> 
> On Sat, May 23, 2015 at 9:12 PM, jim deleskie <deleskie at gmail.com> wrote:
>>> However, the trusted network initiative might be a good approach to start
>>> influencing operators to apply anti-spoofing mechanisms.
> 
> explain how you think the 'trusted network initiative' matters in the slightest?
> 
> -chris
> 
> 
> ------------------------------
> 
> Message: 2
> Date: Mon, 25 May 2015 06:48:41 +0200
> From: Ramy Hashish <ramy.ihashish at gmail.com>
> To: morrowc.lists at gmail.com, nanog at nanog.org
> Subject: Re: [SECURITY] Application layer attacks/DDoS attacks
> Message-ID:
>    <CAOLsBOt_SOwHLZVRgb31nMMX5isiS8rkXojUpP9NyNVU05Dw9w at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
> 
> The idea of restricting access to a certain content during an attack on the
> "trusted networks" only will make all interested ISPs be more "trusted"
> 
> Ramy
> 
> On Mon, May 25, 2015 at 5:01 AM, Christopher Morrow <morrowc.lists at gmail.com
>> wrote:
> 
>> On Sat, May 23, 2015 at 9:12 PM, jim deleskie <deleskie at gmail.com> wrote:
>>>> However, the trusted network initiative might be a good approach to
>> start
>>>> influencing operators to apply anti-spoofing mechanisms.
>> 
>> explain how you think the 'trusted network initiative' matters in the
>> slightest?
>> 
>> -chris
> 
> 
> ------------------------------
> 
> Message: 3
> Date: Mon, 25 May 2015 15:18:43 +0900
> From: Randy Bush <randy at psg.com>
> To: Ramy Hashish <ramy.ihashish at gmail.com>
> Cc: North American Network Operators' Group <nanog at nanog.org>
> Subject: Re: [SECURITY] Application layer attacks/DDoS attacks
> Message-ID: <m2r3q5b2nw.wl%randy at psg.com>
> Content-Type: text/plain; charset=US-ASCII
> 
>> The idea of restricting access to a certain content during an attack
>> on the "trusted networks" only will make all interested ISPs be more
>> "trusted"
> 
> don't the lawyers already have enough money?
> 
> 
> End of NANOG Digest, Vol 88, Issue 25
> *************************************



More information about the NANOG mailing list