[47584] in North American Network Operators' Group
Re: Effective ways to deal with DDoS attacks?
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Mon May 6 19:37:20 2002
Message-Id: <200205062334.g46NYdQn027813@foo-bar-baz.cc.vt.edu>
To: Ralph Doncaster <ralph@istop.com>
Cc: nanog@merit.edu
In-Reply-To: Your message of "Mon, 06 May 2002 19:04:11 EDT."
<Pine.LNX.4.21.0205061903001.627-100000@cpu1693.adsl.bellglobal.com>
From: Valdis.Kletnieks@vt.edu
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="==_Exmh_913000979P";
micalg=pgp-sha1; protocol="application/pgp-signature"
Content-Transfer-Encoding: 7bit
Date: Mon, 06 May 2002 19:34:39 -0400
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_913000979P
Content-Type: text/plain; charset=us-ascii
On Mon, 06 May 2002 19:04:11 EDT, Ralph Doncaster said:
> IP Tunneling - it often makes more sense to send packets out that have a
> source address reachable only through the tunnel.
But aren't those source addresses hidden *inside* the encapsulation, and
what's visible to routers are the source/dest IPs of the tunnel itself?
--==_Exmh_913000979P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQE81xMPcC3lWbTT17ARAtfrAKCRKld5x7gib7iCYD7XBZyO33yQDgCg+SJi
O7w7G/iT74gb8z7x9MWEfA0=
=29Y6
-----END PGP SIGNATURE-----
--==_Exmh_913000979P--