[39103] in North American Network Operators' Group
Re: peering requirements (Re: DDOS anecdotes)
daemon@ATHENA.MIT.EDU (Paul A Vixie)
Tue Jun 26 15:30:39 2001
Message-Id: <200106261930.MAA44543@redpaul.mfnx.net>
To: nanog@merit.edu
In-Reply-To: Message from "Przemyslaw Karwasiecki" <karwas@ifxcorp.com>
of "Tue, 26 Jun 2001 13:56:35 EDT." <AAELKMGHPOPGPCJPPCLMMEHGCHAA.karwas@ifxcorp.com>
Date: Tue, 26 Jun 2001 12:30:06 -0700
From: Paul A Vixie <vixie@mfnx.net>
Errors-To: owner-nanog-outgoing@merit.edu

> But please don't forget that in this particular DDoS event
> there was no IP spoofing.
>
> So anti-spoofing precautions, either on administrative or technical
> level, would be useless in this case.
>
> And this case is not so untypical.

that doesn't matter to me. i, and people i'm variously close to, am attacked
several times daily. sometimes in a hard way, sometimes in a soft way, but
almost always using spoofed addresses. tracking these hop by hop using mac
addresses at exchange points only works if the stream is steady. it's not.

> my .002$

i was not basing my recommendation for a general peering agreement upgrade
on any specific attack. it's the pattern of attacks over the last decade
that's got me bugged. any angry teenager with a $300 openbsd machine can
bring down any part of the internet they're angry at. with impunity.