[47277] in North American Network Operators' Group
Re: Effective ways to deal with DDoS attacks?
daemon@ATHENA.MIT.EDU (Sean Donelan)
Wed May 1 22:55:55 2002
Date: Wed, 1 May 2002 22:55:21 -0400 (EDT)
From: Sean Donelan <sean@donelan.com>
To: Pete Kruckenberg <pete@kruckenberg.com>
Cc: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.33.0205012014470.15300-100000@minot.kruckenberg.com>
Message-ID: <Pine.GSO.4.40.0205012247320.9799-100000@clifden.donelan.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 1 May 2002, Pete Kruckenberg wrote:
> We experience a lot of types of attacks ("education/research
> network" = "easy hacker target"). With DDoS incidents, it
> seems we are more often an unknowing/unwilling participant
> than the target, partly due to owning big chunks of IP
> address space.
Universities are hacker training grounds, but also have much
better network security response than most corporate networks.
Whatever problems you have, the rest of us will have soon enough
it may just take us longer to notice it.
> Has anyone tried this kind of an approach or any other type
> of automated/efficient approach to dampen the "zombie" side
> of the DDoS attack?
Has anyone implemented Bellovin's Pushback in a production
network yet?
