[38222] in North American Network Operators' Group
Re: engineering --> ddos and flooding
daemon@ATHENA.MIT.EDU (Geoff Z)
Thu May 31 18:27:21 2001
Message-ID: <001401c0ea20$e1761840$0c64a8c0@aegis>
From: "Geoff Z" <geoffz@mts.net>
To: "Andrew Dorsett" <zerocool@netpath.net>
Cc: <nanog@merit.edu>
Date: Thu, 31 May 2001 17:27:29 -0500
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
Steven Bellovin has been doing considerable and valuable work on a method
called pushback. You can find a paper on this here:
http://www.research.att.com/~smb/papers/pushback-impl.pdf
He is a listmember here and one of the real luminaries on IP security
issues.
Best regards,
====================
Geoff Zinderdine
CCNP CCA MCP
MTS Communications Inc.
====================
"I'd rather route than switch."
----- Original Message -----
From: "Andrew Dorsett" <zerocool@netpath.net>
To: <nanog@merit.edu>
Sent: Thursday, May 31, 2001 4:59 PM
Subject: engineering --> ddos and flooding
>
> Hey, this is a technical question for all of the Network
> Engineers/Architects on the list. Has a method been found to stop an
> incoming attack? Granted you can filter the packets to null on the
router,
> but that doesn't stop them from coming across the wire and into the
> router. Has a way been devised to stop them from coming into the router;
> via something like a BGP update to null the packets or what? I'm
concerned
> about a flood that is so massive coming from the core and flooding a small
> T1 or less.
>
> Thanks,
> Andrew
> ---
> <zerocool@netpath.net>
> http://www.andrewsworld.net/
> ICQ: 2895251
> Cisco Certified Network Associate
> Development Assistant: Netpath/Stratonet, Inc.
> (http://www.netpath.net/)
> Email: dorsett@netpath.net
>
> "Learn from the mistakes of others. You won't live long enough to make all
> of them yourself." -- Unknown
> "YEEEHA!!! What a CRASH!!!" -- Random System Administrator
>
