[13887] in bugtraq
Re: DDOS Attack Mitigation
daemon@ATHENA.MIT.EDU (John Edwards)
Thu Feb 17 06:42:59 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <38A9EB4D.3C5D9D6C@pinnacle.net.au>
Date: Wed, 16 Feb 2000 10:41:57 +1030
Reply-To: John Edwards <isplist@PINNACLE.NET.AU>
From: John Edwards <isplist@PINNACLE.NET.AU>
X-To: Alan Brown <alan@MANAWATU.GEN.NZ>
To: BUGTRAQ@SECURITYFOCUS.COM
Alan Brown wrote:
>
> On Sun, 13 Feb 2000, Darren Reed wrote:
>
> > You know if anyone was of a mind to find someone at fault over this,
> > I'd start pointing the finger at ISP's who haven't been doing this
> > due to "performance reasons".
>
> To be fair, if you do this on most terminal servers (eg, Cisco 5300, Max
> 4000), they will collapse under the load.
I maintain a number of sites running the ACC/Ericsson Tigris access
servers, which have similar processing power to the 5300. These units
have ingress filtering enabled on dialup ports by default, requiring a
trivial amount of CPU utilization to do so. Ingress filtering is really
just another routing decision, something that these kinds of boxes are
made to do all day, every day.
John Edwards
