[38239] in North American Network Operators' Group


Re: engineering --> ddos and flooding

daemon@ATHENA.MIT.EDU (lucifer@lightbearer.com)
Fri Jun 1 14:29:36 2001

Message-ID: <20010601182744.1138.qmail@prophecy.lightbearer.com>
From: lucifer@lightbearer.com
In-Reply-To: <200106011815.SAA29053@i-14.isi.edu> from Walter Prue at "Jun 1,
 2001 06:15:01 pm"
To: nanog@merit.edu
Date: Fri, 1 Jun 2001 11:27:44 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu


Walter Prue wrote:

> This second low speed connection thus becomes a lightning rod for the
> DDOS traffic most of which will be discarded and not even delivered due
> to congestion on the slow speed link, the slower the better for you.
> This of course kills all traffic to the attacked node but the rest of
                 ^^^^^^^^^^^^^^^^^
> the network remains usable.

Including the BGP session, I would think, thus causing it to reset and
drop the route, sending all the traffic back to the primary, which unfloods
the smaller link, which re-advertises, which...

Flappage, anyone?
-- 
***************************************************************************
Joel Baker                           System Administrator - lightbearer.com
lucifer@lightbearer.com              http://www.lightbearer.com/~lucifer
