[3353] in North American Network Operators' Group
Re: Ping flooding (fwd)
daemon@ATHENA.MIT.EDU (David R. Conrad)
Mon Jul 8 23:05:49 1996
To: George Eddy <eddy@isi.edu>
cc: nanog@merit.edu, davidc@apnic.net
In-reply-to: Your message of "Mon, 08 Jul 1996 17:39:18 PDT."
<9607090039.AA09829@kit.isi.edu>
Date: Tue, 09 Jul 1996 11:57:23 +0900
From: "David R. Conrad" <davidc@apnic.net>
Hi,
>yes, forging a ping attack is pretty easy and can be done from
>anywhere with any source address
Yeah, but forging TCP syn attacks are more fun (fill up those TCBs).
Denial of service attacks are a real pain, particularly as they are so
easy to implement and so hard to defend against. Of course, this
isn't limited to the Internet (as a person who has been victimized by
a rapid redailing fax machine at 4:00 AM can attest).
>the routing proximity is irrelavant, since the
>source is not looked at (unless filters have been put in place, such
>as what the upstream provider has apparently done).
About the only way you can stop this attack would be for ISPs to
filter out bogus source addresses from their customers. Of course,
then the mobile IP people would whine. However, given a future of
more attacks of this nature, I think the mobile IP people are going to
lose.
Cheers,
-drc
