[142857] in North American Network Operators' Group
Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was:
daemon@ATHENA.MIT.EDU (Owen DeLong)
Fri Jul 15 02:15:32 2011
From: Owen DeLong <owen@delong.com>
In-Reply-To: <CAAAwwbXA-4t39h=pf=EU9Mj-s0vVbYz=V=7yfdVW8JBcfyFgKg@mail.gmail.com>
Date: Thu, 14 Jul 2011 23:13:03 -0700
To: Jimmy Hess <mysidia@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jul 14, 2011, at 8:24 PM, Jimmy Hess wrote:
> On Thu, Jul 14, 2011 at 9:35 PM, Jared Mauch <jared@puck.nether.net> =
wrote:
>> On Jul 14, 2011, at 10:06 PM, Fernando Gont <fernando@gont.com.ar> =
wrote:
>> Anyone on a layer-2 network can do something interesting like flood =
all f's and kill the lan. Trying to keep the majority of thoughts here =
for layer-3 originated attacks, even if the target is a layer2 item.
>> - Jared
>=20
> In most cases if you have a DoS attack coming from the same Layer-2
> network that a router is attached to,
> it would mean there was already a serious security incident that
> occured to give the attacker that special point to attack from.
>=20
That's one possibility.
The other likely possibility is that you are a University.
Owen
