[54781] in North American Network Operators' Group


Re: Is there a line of defense against Distributed Reflective attacks?

daemon@ATHENA.MIT.EDU (Rob Thomas)
Thu Jan 16 23:03:59 2003

Date: Thu, 16 Jan 2003 22:03:33 -0600 (CST)
From: Rob Thomas <robt@cymru.com>
To: NANOG <nanog@merit.edu>
In-Reply-To: <Pine.GSO.4.33.0301170358110.19744-100000@rampart.argfrp.us.uu.net>
Errors-To: owner-nanog-outgoing@merit.edu


] Because syn cookies are available on routing gear??? Either way syn
] cookies are not going to keep the device from sending a 'syn-ack' to the
] 'originating host'.

Agreed.  SYN cookies also won't drain a pipe full of malevolent packets.
Any response the target is able to send during a TCP amplification
attack is a bonus prize, but is not required for the attack to succeed.

-- 
Rob Thomas
http://www.cymru.com
ASSERT(coffee != empty);


