[4228] in North American Network Operators' Group
Re: SYN floods (was: does history repeat itself?)
daemon@ATHENA.MIT.EDU (Avi Freedman)
Mon Sep 9 14:40:40 1996
From: Avi Freedman <freedman@netaxs.com>
To: michael@memra.com (Michael Dillon)
Date: Mon, 9 Sep 1996 14:36:42 -0400 (EDT)
Cc: nanog@merit.edu
In-Reply-To: <Pine.BSI.3.93.960909111107.23597I-100000@sidhe.memra.com> from "Michael Dillon" at Sep 9, 96 11:13:28 am
> > I think its time for the larger providers to start filtering packets
> > coming from customers so that they only accept packets with the
> > customer's network number on it.
This is VERY important as well. Better to limit the trouble to a local
network.
> I disagree. A better way to do this would be for providers to cooperate to
> track down the people who are doing it and make sure to flood the media
> with press releases when the culprits are arrested. If the cracker
> wannabe's realize that source-spoofed SYN attacks can still be quickly
> traced, they will stop doing it.
>
> And the cooperation would do the net some good; maybe lead to more
> cooperation down the line.
>
> Michael Dillon - ISP & Internet Consulting
> Memra Software Inc. - Fax: +1-604-546-3049
> http://www.memra.com - E-mail: michael@memra.com
Avi
