automatic rtbh trigger using flow data

Hugo Slabbert hugo at
Fri Aug 31 18:43:04 UTC 2018

On Fri 2018-Aug-31 13:35:29 -0500, Aaron Gould <aaron1 at> wrote:

>* btw, what can you experts tell me about tcp-based volumetric attacks...
>please help me to understand... does tcp have an inherent inability to
>ramp-up to massive speeds/loads with it's sliding window and
>must-rcv-ack-before sending more segments ??  I ask since I heard this years
>ago about tcp and I wonder if this is why

UDP, depending on the application, can be reflected and amplified.  
Generally on the TCP side you can try SYN or ACK floods, but you're not 
going to get an amplified reflection.

Hugo Slabbert       | email, xmpp/jabber: hugo at
pgp key: B178313E   | also on Signal

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <>

More information about the NANOG mailing list