[4220] in North American Network Operators' Group
Re: SYN floods (was: does history repeat itself?)
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Mon Sep 9 13:46:39 1996
To: nanog@merit.edu
In-reply-to: Your message of "Mon, 09 Sep 1996 13:19:02 EDT."
<199609091719.NAA24855@jekyll.piermont.com>
Reply-To: perry@piermont.com
Date: Mon, 09 Sep 1996 13:43:08 -0400
From: "Perry E. Metzger" <perry@piermont.com>
BTW, Alexis Rosen at Panix could use some help tracking down the
person(s) attacking his machines -- he's more or less being shut down
by this. He's having some trouble finding the right person at Sprint
(one of his two providers) to talk to. If the right person could get
in touch with me, I'll hook the two of you up.
Hopefully, with a little inter-provider cooperation, the guy will get
caught and arrested soon.
"Perry E. Metzger" writes:
> PANIX, a large public access provider in New York, was badly hit with
> SYN flood attacks from random source addresses over the last few
> days. It nearly wrecked them.
>
> I think its time for the larger providers to start filtering packets
> coming from customers so that they only accept packets with the
> customer's network number on it.
