[39344] in North American Network Operators' Group
RE: GRC rides again...
daemon@ATHENA.MIT.EDU (Roeland Meyer)
Tue Jul 3 01:07:14 2001
Message-ID: <EA9368A5B1010140ADBF534E4D32C7280259AB@condor.mhsc.com>
From: Roeland Meyer <rmeyer@mhsc.com>
To: 'Ron Buchalski' <rbuchals@hotmail.com>,
davei@biohazard.demon.digex.net, Roeland Meyer <rmeyer@mhsc.com>
Cc: rdobbins@netmore.net, DaveHowe@gmx.co.uk, nanog@merit.edu
Date: Mon, 2 Jul 2001 22:10:49 -0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Errors-To: owner-nanog-outgoing@merit.edu
> From: Ron Buchalski [mailto:rbuchals@hotmail.com]
> Sent: Monday, July 02, 2001 7:52 AM
> It may be possible for the features of qos to help limit the
> extent of the
> attack, but with no predictability of where the attack
> sources or attack
> destinations are, you'd either need to apply qos when the
> attack occurs
> (reactive), or deploy it EVERYWHERE, on ALL provider's
> networks (intensely
> proactive). I doubt that anyone has the time or effort to
> deploy worldwide
> qos in order to stop random (and small, compared to overall
> traffic) dos
> attacks.
This WAS the idea, thanks for pointing out the weakness. Basically, yet
another means to filter. But, too much work to implement. According to this,
it wouldn't scale.
