[28684] in North American Network Operators' Group
Re: New Internet-draft on DDOS defense...
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Fri May 12 08:03:53 2000
From: "Steven M. Bellovin" <smb@research.att.com>
To: Brandon Ross <bross@netrail.net>
Cc: nanog@merit.edu
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Fri, 12 May 2000 08:01:37 -0400
Message-Id: <20000512120138.0862035DC2@smb.research.att.com>
Errors-To: owner-nanog-outgoing@merit.edu
In message <Pine.LNX.3.96.1000512075212.812B-100000@ogre.atl.netrail.net>, Bran
don Ross writes:
>
>On Thu, 11 May 2000, Owen DeLong wrote:
>
>> Right answer, wrong reason. The originating host will be easy to identify
>> because the MAC address of the originating machine of the ECHO-REQUEST
>> packets will be contained in the packets.
>
>I have to strongly disagree, MAC addresses don't make it across router
>boundaries, source IP addresses do.
Besides, MAC addresses are quite often changeable.
--Steve Bellovin
