|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
From: "Terry Baranski" <tbaranski@mail.com> To: <jlewis@lewis.org>, "'Allan Liska'" <allan@allan.org> Cc: "'Kai Schlichting'" <kai@pac-rim.net>, <nanog@merit.edu> Date: Mon, 6 Oct 2003 20:35:33 -0400 In-Reply-To: <Pine.LNX.4.44.0310061927350.8137-100000@redhat1.mmaero.com> Errors-To: owner-nanog-outgoing@merit.edu >> We've been handling a multi-vector DDoS - 40-byte spoofed >> SYN-flooding towards www.cisco.com > > Now that they've come for cisco, maybe law enforcement, > network operators, and router vendors will all get their > $h!t together and do something to put a stop to these DDoS > attacks that have been going on in various forms for several > years. Maybe this will have the positive effect of motivating Cisco to do more to encourage best practices such as edge anti-spoof filtering. To begin with, Barry Green's presentations on these issues are hidden away on his/Cisco's FTP server (ftp://ftp-eng.cisco.com/cons/) -- maybe it would be beneficial to put them (along with write-ups) in an easily-accessible and often-visited area of the main site where people will see them. These issues aren't just for ISPs: if edge networks would filter their borders, ISPs wouldn't have to do it for them. (Or in most cases, fail to do it for them.) -Terry
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |