[34129] in North American Network Operators' Group
Re: Proactive steps to prevent DDOS?
daemon@ATHENA.MIT.EDU (Jeff Ogden)
Mon Jan 29 09:06:08 2001
Mime-Version: 1.0
Message-Id: <v04210102b69b20707984@[198.108.90.150]>
In-Reply-To: <4.3.2.7.2.20010129091925.00ab5b80@max.ibm.net.il>
Date: Mon, 29 Jan 2001 08:47:47 -0500
To: Hank Nussbacher <hank@att.net.il>
From: Jeff Ogden <jogden@merit.edu>
Cc: nanog@merit.edu
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Errors-To: owner-nanog-outgoing@merit.edu
At 9:27 AM +0200 1/29/01, Hank Nussbacher wrote:
>>At 12:52 27/01/01 -0500, Jeff Ogden wrote:
>> --Look into the systems that are being developed and starting to become
>> available that help automate the work to diagnose DDOS attacks.
>> Encourage your up streams to do the same.
>
>I know of just Asta Networks:
>Asta Networks claims cure for denial-of-service attacks, Jan 17, 2001
>http://www.nwfusion.com/news/2001/0117ddos.html
>Firm eyes DOS attacks, Jan 22, 2001
>http://www.nwfusion.com/archive/2001/115979_01-22-2001.html
>
>Can you elaborate on others you may know?
>
>-Hank
Yes, Asta is one.
There is a DARPA funded research project called Lighthouse at the
University of Michigan that is working in this area. Merit has been
involved mostly by giving them access to traffic on a real
operational network. See:
http://www.darpa.mil/leaving.asp?url=http://www.eecs.umich.edu/lighthouse
I understand that there are other DARPA funded efforts working on
different aspects of the DOS problem (automatic detection, trace
back, counter measures).
Take a look at "Networking & Distributed Systems" under
http://www.darpa.mil/ito/ResearchAreas.html
In particular see:
http://www.darpa.mil/ito/psum2000/J032-0.html
http://www.darpa.mil/ito/psum2000/J910-0.html
http://www.darpa.mil/ito/psum2000/J028-0.html
