[13847] in bugtraq
Re: DDOS Attack Mitigation
daemon@ATHENA.MIT.EDU (Darren Reed)
Tue Feb 15 16:57:53 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <200002142249.JAA29733@cairo.anu.edu.au>
Date: Tue, 15 Feb 2000 09:49:43 +1100
Reply-To: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
From: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
X-To: Alan Brown <alan@manawatu.gen.nz>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.05.10002150711250.6393-100000@mailhost.manawatu.net.nz> from "Alan Brown" at Feb 15,
2000 07:13:20 AM
In some mail from Alan Brown, sie said:
>
> On Sun, 13 Feb 2000, Darren Reed wrote:
>
> > You know if anyone was of a mind to find someone at fault over this,
> > I'd start pointing the finger at ISP's who haven't been doing this
> > due to "performance reasons".
>
> To be fair, if you do this on most terminal servers (eg, Cisco 5300, Max
> 4000), they will collapse under the load.
i.e. poorly designed.
> > They've had the ability to do it for
> > years and in doing so would seriously reduce the number and possibility
> > of "spoofing" attacks.
>
> See above. Having enough CPU available to handle spoof filtering from
> dialups adds a lot to costs and most ISPs simply can't afford to pay
> more in order to be able to provide that benefit. :-(
Someone should either put a bomb under Cisco's arse and get them to
pull their finger out and deliver a cost-effective box which does
what's actually required for a `secure internet' or gather up some
venture capital and build a new box which provides the requisite
security. It would seem that the market is potentially quite large:
replacing every Cisco dialup router in existance with a "secure one"
with at least the same performance. How many 1000s of units do Cisco
claim to have sold ?
Darren
