[28683] in North American Network Operators' Group
Re: New Internet-draft on DDOS defense...
daemon@ATHENA.MIT.EDU (Brandon Ross)
Fri May 12 07:55:20 2000
Date: Fri, 12 May 2000 07:53:14 -0400 (EDT)
From: Brandon Ross <bross@netrail.net>
To: nanog@merit.edu
In-Reply-To: <200005120441.VAA15365@asilomar.>
Message-ID: <Pine.LNX.3.96.1000512075212.812B-100000@ogre.atl.netrail.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, 11 May 2000, Owen DeLong wrote:
> Right answer, wrong reason. The originating host will be easy to identify
> because the MAC address of the originating machine of the ECHO-REQUEST
> packets will be contained in the packets.
I have to strongly disagree, MAC addresses don't make it across router
boundaries, source IP addresses do.
Brandon Ross 404-522-5400
VP Engineering, NetRail http://www.netrail.net
AIM: BrandonNR ICQ: 2269442
Read RFC 2644!
Stop Smurf attacks! Configure your router interfaces to block directed
broadcasts. See http://www.quadrunner.com/~chuegen/smurf.cgi for details.
