[68429] in North American Network Operators' Group
Re: Counter DoS
daemon@ATHENA.MIT.EDU (Rachael Treu)
Thu Mar 11 15:10:24 2004
Date: Thu, 11 Mar 2004 14:48:08 -0600
From: Rachael Treu <rara@navigo.com>
To: Gregory Taylor <greg@xwb.com>
Cc: Jay Hennigan <jay@west.net>, nanog@merit.edu
In-Reply-To: <40501A60.4050305@xwb.com>
Errors-To: owner-nanog-outgoing@merit.edu
Two words (well...one hyphenated-reference):
spoofed-source
bah,
--ra
--
k. rachael treu, CISSP rara@navigo.com
..quis costodiet ipsos custodes?..
On Wed, Mar 10, 2004 at 11:50:56PM -0800, Gregory Taylor said something to the effect of:
>
> Oh yes, lets not forget the fact that if enough sites have this
> 'firewall' and one of them gets attacked by other sites using this
> firewall it'll create a nuclear fission sized chain reaction of looping
> Denial of Service Attacks that would probably bring most major backbone
> providers to their knees.
>
> (Popcorn's in the microwave as I speak)
>
> Greg
>
> Jay Hennigan wrote:
>
> >On Wed, 10 Mar 2004, Gregory Taylor wrote:
> >
> >
> >
> >>After reading that article, if this product really is capable of
> >>'counter striking DDoS attacks', my assumption is that it will fire
> >>packets back at the nodes attacking it. Doing such an attack would not
> >>be neither feasible or legal. You would only double the affect that the
> >>initial attack caused to begin with, plus you would be attacking hacked
> >>machines and not the culprit themselves, thus pouring gasoline all over
> >>an already blazing inferno.
> >>
> >>
> >
> >On the other hand, they could become immensely popular, reaching the
> >critical mass when one of them detects what is interpreted as an attack
> >from a network protected by another. Grab the popcorn and watch as they
> >all bludgeon each other to death. :-)
> >
> >
> >
>
