[22604] in North American Network Operators' Group
Re: source filtering
daemon@ATHENA.MIT.EDU (Craig A. Huegen)
Tue Jan 12 16:27:58 1999
Date: Tue, 12 Jan 1999 11:45:38 -0800
From: "Craig A. Huegen" <chuegen@quadrunner.com>
Old-To: Dan Hollis <goemon@sasami.anime.net>, Alex Bligh <amb@gxn.net>
Cc: Jared Mauch <jared@puck.nether.net>, nanog@merit.edu
In-Reply-To: <Pine.LNX.3.96.990112110204.17871B-100000@sasami.anime.net>; from Dan Hollis on Tue, Jan 12, 1999 at 11:02:44AM -0800
To: boblevy@ix.netcom.com
My data against IRC servers shows otherwise. I see
a *great* number of UDP floods -- but they're not reflected
attacks. They typically consist of a well-connected but
poorly-secured machine at a university.
/cah
On Tue, Jan 12, 1999 at 11:02:44AM -0800, Dan Hollis wrote:
==>On Tue, 12 Jan 1999, Alex Bligh wrote:
==>> Is UDP smurf much in evidence?
==>
==>Yes. About 50% of the smurf attacks we get are UDP.
==>
==>-Dan
