[27189] in North American Network Operators' Group
Re: [Re: Which Part(s) Failed in the recent DOS Attacks?]
daemon@ATHENA.MIT.EDU (Toplez Razer)
Wed Feb 9 23:10:34 2000
Message-ID: <20000210040519.16006.qmail@nw177.netaddress.usa.net>
Date: 9 Feb 00 21:05:19 MST
From: Toplez Razer <z28convertible@usa.net>
To: Joe Shaw <jshaw@insync.net>,
Toplez Razer <z28convertible@usa.net>
Cc: nanog@merit.edu
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
Errors-To: owner-nanog-outgoing@merit.edu
Joe,
Firewall-1 has the SynDefender and Cisco IOS 12.0 has TCP Intercept for
stopping TCP DOS. Could these features stop massive TCP DOS attacks?
Thanks,
Audie Onibala
******************************
Joe Shaw <jshaw@insync.net> wrote:
On 9 Feb 2000, Toplez Razer wrote:
> 1. Was it the firewall DOS filter?
With packet based DoS attacks, filters don't matter. Bandwidth and
saturation are what matters.
> 2. No firewall in Yahoo, EBay, ETrade, etc?
Yes, there are, and no, they wouldn't have helped for the reason
stated above.
> 3. Firewall DOS filter worked, but the links were still clogged with
massive
> ACKs/NACKs?
Not exactly, but fairly close.
--
Joseph W. Shaw - jshaw@insync.net
Computer Security Consultant and Programmer
Free UNIX advocate - "I hack, therefore I am."
____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=3D=
1
