[13814] in bugtraq
Re: DDOS Attack Mitigation
daemon@ATHENA.MIT.EDU (Darren Reed)
Mon Feb 14 13:36:45 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <200002130850.TAA08542@cairo.anu.edu.au>
Date: Sun, 13 Feb 2000 19:50:17 +1100
Reply-To: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
From: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
X-To: aleph1@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000211003101.A26181@securityfocus.com> from "Elias Levy" at
Feb 11, 2000 12:31:01 AM
In some mail from Elias Levy, sie said:
[...]
> Network Ingress Filtering:
> --------------------------
>
> All network access providers should implement network ingress filtering
> to stop any of their downstream networks from injecting packets with
> faked or "spoofed" addressed into the Internet.
>
> Although this does not stop an attack from occurring it does make it
> much easier to track down the source of the attack and terminate it
> quickly.
>
> For information on network ingress filtering read RFC 2267:
> http://info.internet.isi.edu/in-notes/rfc/files/rfc2267.txt
You know if anyone was of a mind to find someone at fault over this,
I'd start pointing the finger at ISP's who haven't been doing this
due to "performance reasons". They've had the ability to do it for
years and in doing so would seriously reduce the number and possibility
of "spoofing" attacks.
Darren
