[27167] in North American Network Operators' Group
Re: Which Part(s) Failed in the recent DOS Attacks?
daemon@ATHENA.MIT.EDU (Joe Shaw)
Wed Feb 9 20:21:34 2000
Date: Wed, 9 Feb 2000 19:18:26 -0600 (CST)
From: Joe Shaw <jshaw@insync.net>
To: Toplez Razer <z28convertible@usa.net>
Cc: nanog@merit.edu
In-Reply-To: <20000210001640.29841.qmail@www0h.netaddress.usa.net>
Message-ID: <Pine.GSO.4.21.0002091906030.28241-100000@vellocet.insync.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On 9 Feb 2000, Toplez Razer wrote:
> 1. Was it the firewall DOS filter?
With packet based DoS attacks, filters don't matter. Bandwidth and
saturation are what matters.
> 2. No firewall in Yahoo, EBay, ETrade, etc?
Yes, there are, and no, they wouldn't have helped for the reason
stated above.
> 3. Firewall DOS filter worked, but the links were still clogged with massive
> ACKs/NACKs?
Not exactly, but fairly close.
--
Joseph W. Shaw - jshaw@insync.net
Computer Security Consultant and Programmer
Free UNIX advocate - "I hack, therefore I am."
