[34007] in North American Network Operators' Group
Re: Proactive steps to prevent DDOS?
daemon@ATHENA.MIT.EDU (John Hawkinson)
Fri Jan 26 18:54:11 2001
Date: Fri, 26 Jan 2001 18:52:11 -0500
From: John Hawkinson <jhawk@bbnplanet.com>
To: Sean Donelan <sean@donelan.com>
Cc: nanog@merit.edu
Message-ID: <20010126185211.D23712@jhawk-foo.bbnplanet.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <20010126233550.2559.cpmta@c004.sfo.cp.net>; from sean@donelan.com on Fri, Jan 26, 2001 at 03:35:50PM -0800
Errors-To: owner-nanog-outgoing@merit.edu
> Ok, Yahoo, Ebay, Amazon and Microsoft have all made essentially the
> same statement after being hit by a DDOS: "taken steps to
> improve protection of their networks from this type of attack."
>
> My question is What are these steps, and why can't people take them
> before they experience a DDOS?
>
> Is there some magic command I can put into my router to help protect
> my network from a DDOS, or is this just PR fluff to make it look like
> the corporation is doing something.
How aobut neither?
> But in reality there is nothing you can do, but wait for the
> attacker to get bored and stop on their own.
This is the "state a fact that might be wrong to poll for dissent," approach?
Some people have, or are working on, automated tools that try to
detect-and-then-filter-at-the-border DDOS attacks when they happen.
This is something to do that is not useless PR fluff that is not a magic
command.
--jhawk
