[4491] in North American Network Operators' Group
Re: New Denial of Service Attack on Panix
daemon@ATHENA.MIT.EDU (Paul Ferguson)
Tue Sep 17 15:01:43 1996
Date: Tue, 17 Sep 1996 14:57:42 -0400
To: "Kent W. England" <kwe@6SigmaNets.com>
From: Paul Ferguson <pferguso@cisco.com>
Cc: nanog@merit.edu, iepg@iepg.org
I would personally like to see this topic added as an agenda item at
the upcoming Ann Arbor NANOG meeting. At least a brief discussion of
conventional wisdom (filter on valid source prefixes at periphery, etc.)
should be in order.
- paul
At 04:14 PM 9/16/96 -0700, Kent W. England wrote:
>Dear NANOG/IEPG Folks;
>
>As you should know by now from reading the papers, Panix, the first ISP in
>NYC, has come under a new denial of service attack. The Wall Street Journal
>quoted Bill Cheswick to the effect that the attack is "unstoppable". Almost,
>but not quite, true.
>
>It's true that there isn't anything that Panix can do on its own to stop
>this attack. It's true that it would be hard to verify source addresses at
>MAEs and NAPs. But we could all verify source addresses at the first hop
>entry points. And get default route and unauthorized transit protection to
boot.
>
>I'd like to know what the community thinks can be done to deal with an
>escalation of these attacks should this occur. Are you doing any source
>address verification now? Are you doing anything to help Panix? Could you?
>
>How seriously do you take this threat? If Panix were to go out of business
>and Bob Metcalfe wrote a column on it, ( :-) do you think we would have to
>deal with it together then, or can we sit tight and expect it to blow over?
>After all, it's easy to dump chemicals in the reservoir, but we still drink
>the water, right?
>
>Thanks.
>
>--Kent
>
>
>~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~
>Kent W. England Six Sigma Networks
>1655 Landquist Drive, Suite 100 Voice/Fax: 619.632.8400
>Encinitas, CA 92024 kwe@6SigmaNets.com
>Experienced Internet Consulting ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~~ ~~~~
>
>
>
