[68111] in North American Network Operators' Group
Re: UUNet Offer New Protection Against DDoS
daemon@ATHENA.MIT.EDU (Erik Haagsman)
Wed Mar 3 03:48:39 2004
From: Erik Haagsman <erik@we-dare.net>
Reply-To: erik@we-dare.net
To: Paul G <paul@rusko.us>
Cc: Deepak Jain <deepak@ai.net>,
"william(at)elan.net" <william@elan.net>,
John Obi <dalnetuzer@yahoo.com>, nanog@merit.edu
In-Reply-To: <016701c400f9$2d171280$0200a8c0@rusko>
Date: Wed, 03 Mar 2004 09:47:05 +0100
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 2004-03-03 at 09:26, Paul G wrote:
> cant speak for them, but this would be my preferred first step. next step
> is, of course, an attempt to filter on {source, unique characteristics, what
> have you} and removing the blackhole.
What most people seem to forget is that neither of these steps actually
counter the DoS...they merely make the DoS as invisible as possible to
customers while the traffic keeps hitting the carrier in question. For
the large carriers this is only a minor inconvenience.
For smaller carriers or for co-location facilities/NSP's that are
relying on not-so-clueful carriers (read: carriers not supporting any
kind of communities with possible lack of pro-active network management
and/or bad communications) this is a BIG problem. Even though they might
take the heat off the targeted customer, they could be in for a rough
ride themselves as the DoS keeps going and going.
I haven't seen any major press-releases on actually solving the problem
instead of hiding it... (granted...I haven't put out one either :-)
Cheers,
--
---
Erik Haagsman
Network Architect
We Dare BV
tel: +31.10.7507008
fax: +31.10.7507005
http://www.we-dare.nl
