[47267] in North American Network Operators' Group
Re: Effective ways to deal with DDoS attacks?
daemon@ATHENA.MIT.EDU (Richard A Steenbergen)
Wed May 1 21:11:59 2002
Date: Wed, 1 May 2002 21:11:27 -0400
From: Richard A Steenbergen <ras@e-gerbil.net>
To: Avleen Vig <lists-nanog@silverwraith.com>
Cc: Pete Kruckenberg <pete@kruckenberg.com>,
"nanog@merit.edu" <nanog@merit.edu>
Message-ID: <20020502011127.GB523@overlord.e-gerbil.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020502013505.R4182-100000@apple.silverwraith.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, May 02, 2002 at 01:49:40AM +0100, Avleen Vig wrote:
>
> DDoS attacks by their very nature, are distributed. The primary purpose
> of more DDoS attacks is to flood the target's upstream connection to the
> point of saturation.
Actually the original goal (and probably still the primary benefit) of
DDoS attacks was to evade detection by using so many hosts that any
specific one either went unnoticed or unreported.
Having multiple sources to bypass any potential congestion (since a DoS is
only as effective as the weakest link along the path) and filtering is
still what I would rank as a secondary effect.
--
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
