[27265] in North American Network Operators' Group
Cisco says attacks are due to operational practices
daemon@ATHENA.MIT.EDU (Sean Donelan)
Thu Feb 10 17:39:39 2000
Date: 10 Feb 2000 14:29:55 -0800
Message-ID: <20000210222955.19534.cpmta@c004.sfo.cp.net>
Content-Type: text/plain
Content-Disposition: inline
Mime-Version: 1.0
To: nanog@merit.edu
From: Sean Donelan <sean@donelan.com>
Errors-To: owner-nanog-outgoing@merit.edu
In an InteractiveWeek article the head of Cisco's security products group
says the attacks are an operational problem not a technical problem.
>Routers from Cisco and other vendors have the ability to detect the signature
>patterns of a denial-of-service attack, and the routers can filter out that
>traffic, Farnsworth said.
>
>"The router knows which sources are legitimate or not and drops on the floor
>anything suspicious," Farnsworth said. "Generally speaking, ingress filtering
>and committed rates are effective in terms of preventing [malicious] traffic
>from ever showing up, or filtering it to a reasonable rate."
