[52976] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: DNS issues various

daemon@ATHENA.MIT.EDU (Kevin Houle)
Thu Oct 24 16:52:25 2002

Date: Thu, 24 Oct 2002 16:51:08 -0400
From: Kevin Houle <kjh@cert.org>
To: "David G. Andersen" <dga@lcs.mit.edu>
Cc: nanog@merit.edu
In-Reply-To: <20021024203020.GI76535@lcs.mit.edu>
Errors-To: owner-nanog-outgoing@merit.edu

--On Thursday, October 24, 2002 04:30:20 PM -0400 "David G. Andersen" 
<dga@lcs.mit.edu> wrote:

> Until the default behavior of most systems is to block spoofed packets,
> it's going to remain a problem.

I assert this is not the case. A significant percentage of DDoS attacks use
legitimate source IP addresses. When there are thousands of throw-away hosts
in the attack network, the difficulty of traceback and elimination remains,
and so does the problem.

Yes, blocking spoofed packets helps. But it is not an end-game.

Kevin


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[52976] in North American Network Operators' Group

Re: DNS issues various

daemon@ATHENA.MIT.EDU (Kevin Houle)Thu Oct 24 16:52:25 2002

daemon@ATHENA.MIT.EDU (Kevin Houle)
Thu Oct 24 16:52:25 2002