[4111] in linux-net channel archive
Re: SYN floods
daemon@ATHENA.MIT.EDU (Alan Cox)
Tue Aug 20 13:55:26 1996
From: Alan Cox <alan@cymru.net>
To: lefty@sliderule.geek.org.uk (Lefty)
Date: Tue, 20 Aug 1996 16:45:20 +0100 (BST)
Cc: alan@cymru.net, nelson@crynwr.com, linux-net@vger.rutgers.edu
In-Reply-To: <199608201510.PAA11624@sliderule.geek.org.uk> from "Lefty" at Aug 20, 96 03:10:15 pm
> dynamic IP's that arent in use? It would be very easy for me to find
> a couple and syn flood from that, how would a provider know to block those
> IP's? And with the new small almost clueless new ISP's that are going
> up, its not conceivable that the provider can block their own addrs as that
> isnt a default install..
Whoa stop.
Its up to ISP's to filter addresses coming FROM their network which are
not their own addresses. I would dearly like the big providers to write
that into their acceptable use policy as a requirement. These problems
have to be stopped _at_source_, and the random clueless provider is a
hazard to all otherwise. We don't allow people to run telephone companies
without showing some degree of sense so they wont upset the existing
infrastructure, so why do we allow ISP's to get away with it to the bad
suffering of other ISPs ?
