[38221] in North American Network Operators' Group
Re: engineering --> ddos and flooding
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Thu May 31 18:23:09 2001
From: "Steven M. Bellovin" <smb@research.att.com>
To: Andrew Dorsett <zerocool@netpath.net>
Cc: nanog@merit.edu
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Thu, 31 May 2001 18:21:27 -0400
Message-Id: <20010531222127.7EF6A7B84@berkshire.research.att.com>
Errors-To: owner-nanog-outgoing@merit.edu
In message <4.3.2.7.2.20010531175313.024ed980@mail.netpath.net>, Andrew Dorsett
writes:
>
>Hey, this is a technical question for all of the Network
>Engineers/Architects on the list. Has a method been found to stop an
>incoming attack? Granted you can filter the packets to null on the router,
>but that doesn't stop them from coming across the wire and into the
>router. Has a way been devised to stop them from coming into the router;
>via something like a BGP update to null the packets or what? I'm concerned
>about a flood that is so massive coming from the core and flooding a small
>T1 or less.
>
See my talk (and the associated draft papers) from the D.C. NANOG;
there were also several DDoS talks in Scottsdale.
--Steve Bellovin, http://www.research.att.com/~smb
