Re: Ping flood? Whats the point?

[shetomv () PACBELL NET (Thomas Vincent)]

> Fromwhat I understand, the massive distributed denial of service attack
yesterday was the by product of ISP's,  Universities , and other
organizations not filtering the packets from there internal networks.

It will probably take Yahoo, CNN, Buy.com, eBay, and Amazon collectively
standing up and raising a ruckus to get organizations to filter there
networks.

Cheers,
Tom Vincent

on 2/08/00 5:45 PM, Filip M. Gieszczykiewicz at filipg () CORONA EPS PITT EDU
wrote:

> On Tue, 8 Feb 2000, Kerry Baker wrote:
> [snip]
> > The only way to stop this sort of attack taking place is to only allow
> > legitimate source addresses in packets leaving your networks.  Come on
> > people!  Lets all make an effort to stamp this out.
>
> So, imagine my surprise that there are several loud advocates for not
> having ANY output rules at the firewall. Either you trust all your users
> or you take steps that you don't get yourself in trouble in the end. I
> have been streamlining the ruleset to eventually reject any output from
> leaving our LAN that doesn't fit the bill.
>
> So, do YOU filter output at your firewall? And if not, how ELSE can such
> spoofs be prevented (if one assumes you have no access to equipment
> upstream of your LAN)
>
> Cheers,
> Filip G.
>
> Filip "I'll buy a vowel" Gieszczykiewicz  |  http://www.repairfaq.org/
> (filipg () corona eps pitt edu)
> I am the river itself and the leaf floating its currents.
> I am steering. I am swept. I am.

--
Bye,
Thomas Vincent