Bugtraq mailing list archives
Re: DDOS Attack Mitigation
From: avalon () COOMBS ANU EDU AU (Darren Reed)
Date: Tue, 15 Feb 2000 09:32:59 +1100
In some mail from Andrzej Bialecki, sie said:
On Sun, 13 Feb 2000, Darren Reed wrote:In some mail from Elias Levy, sie said: [...]Network Ingress Filtering: -------------------------- All network access providers should implement network ingress filtering to stop any of their downstream networks from injecting packets with faked or "spoofed" addressed into the Internet. Although this does not stop an attack from occurring it does make it much easier to track down the source of the attack and terminate it quickly. For information on network ingress filtering read RFC 2267: http://info.internet.isi.edu/in-notes/rfc/files/rfc2267.txtYou know if anyone was of a mind to find someone at fault over this, I'd start pointing the finger at ISP's who haven't been doing this due to "performance reasons". They've had the ability to do it for years and in doing so would seriously reduce the number and possibility of "spoofing" attacks.Well, I worked at such ISP. The issue was really simple: given the choice between: putting a Cisco 25xx for $x000 and hope that we can deal with the problem when/if the customers start misbehaving, or putting a Cisco 47xx for $x0000, and possibly never experience the problem, but having spent awful lot of money the decision to select the former had its firm economic ground, don't you think?
It's good to see that ISP's around the world prefer to have $$ in the bank rather than a secure Internet. Little wonder that hacking is so prevalent. Hmmm, I, wonder if there's grounds for sueing ISP's for being deliberately negligent or incompetant in failing to exercise due diligence in protecting the Internet from hackers ? Darren
Current thread:
- Re: DDOS Attack Mitigation, (continued)
- Re: DDOS Attack Mitigation Carson Gaspar (Feb 15)
- Re: DDOS Attack Mitigation John Edwards (Feb 15)
- Re: DDOS Attack Mitigation Ryan Russell (Feb 16)
- Administrivia Elias Levy (Feb 16)
- Re: DDOS Attack Mitigation John Payne (Feb 14)
- Re: DDOS Attack Mitigation Julien Nadeau (Feb 14)
- Re: DDOS Attack Mitigation Bennett Todd (Feb 15)
- rp_filter? (was Re: DDOS Attack Mitigation) Julien Nadeau (Feb 18)
- Re: DDOS Attack Mitigation Homer Wilson Smith (Feb 14)
- Re: DDOS Attack Mitigation Andrzej Bialecki (Feb 14)
- Re: DDOS Attack Mitigation Darren Reed (Feb 14)
- "Association of Responsible Internet Providers"? David Nesting (Feb 15)
- Re: DDOS Attack Mitigation Andreas Busse (Feb 15)
- Re: Evil Cookies. Ari Gordon-Schlosberg (Feb 08)
- Re: Evil Cookies. Michael Bryan (Feb 08)
- Statistical Attack Against Virtual Banks Andre L. Dos Santos (Feb 08)
- Re: Statistical Attack Against Virtual Banks HC Security (Feb 08)
- Re: Statistical Attack Against Virtual Banks Andre L. Dos Santos (Feb 08)
- Re: Statistical Attack Against Virtual Banks HC Security (Feb 09)
- Re: Statistical Attack Against Virtual Banks Swift Griggs (Feb 09)
- Re: Statistical Attack Against Virtual Banks Andre L. Dos Santos (Feb 08)