Firewall Wizards mailing list archives
Re: Off topic: Any one know of a good IPV6 reference book?
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Wed, 30 Jul 2003 21:07:48 -0400
If every single packet had an authentic source IP address, then DDoS problems would be much easier to manage.
By the way, using cryptographic authentication and/or especially public key operations in your networking stack offers a *TERRIFIC* new form of CPU exhaustion DDOS. We haven't seen attackers using that kind of attack because basically nobody's using IPSEC ("nobody" in terms of overall computing demographics) but the threat may still exist. Adding cryptography to load-sensitive, memory space-sensitive, or complexity-sensitive problems is a recipe for making things WORSE not BETTER!!! mjr. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Off topic: Any one know of a good IPV6 reference book? Marcus J. Ranum (Jul 30)
- Re: Off topic: Any one know of a good IPV6 reference book? Crispin Cowan (Jul 30)
- Re: Off topic: Any one know of a good IPV6 reference book? Paul Robertson (Jul 30)
- Message not available
- Re: Off topic: Any one know of a good IPV6 reference book? Marcus J. Ranum (Jul 31)
- Re: Off topic: Any one know of a good IPV6 reference book? Crispin Cowan (Jul 30)
- Re: Off topic: Any one know of a good IPV6 reference book? David Wagner (Jul 31)
- Re: Off topic: Any one know of a good IPV6 reference book? Dave Piscitello (Jul 31)
- Re: Off topic: Any one know of a good IPV6 reference book? Marcus J. Ranum (Jul 31)