nanog mailing list archives
Re: NAP/ISP Saturation WAS: Re: Exchanges that matter...
From: Ophir Ronen <ophir () internap com>
Date: Fri, 20 Dec 1996 14:38:00 -0800 (PST)
On Fri, 20 Dec 1996, Alex.Bligh wrote:
I think that there's some lack of clarity on the problem here. Anyone can stream packets at ANY router and take it down. If it's not ICMP, you can simply forge routing protocol packets. It's a question of simply supersaturating the system. To truly deal with DoS attacks, there are basically three approaches:Indeed. For instance SYN-flood the BGP port.
Correct me if I'm wrong but to the best of my recollection, in order for a packet to be accepted on the BGP port, it must be originating from a configured BGP peer. Since the SYN flood method relies on the attack originating from an unreachable (yet routable) address, it would seem that this approach will fail. rfc-1771: If the local system detects that a remote peer is trying to establish BGP connection to it, and the IP address of the remote peer is not an expected one, the local system restarts the ConnectRetry timer, rejects the attempted connection, continues to listen for a connection that may be initiated by the remote BGP peer, and stays in the Active state. -Ophir - - - - - - - - - - - - - - - - -
Current thread:
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter..., (continued)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Jonathan M. Bresler (Dec 19)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Alex.Bligh (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Jim Van Baalen (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Nathan Stratton (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Paul A Vixie (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Jim Van Baalen (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Tony Li (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Alex.Bligh (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Avi Freedman (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Alex.Bligh (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Ophir Ronen (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Tony Li (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Michael Dillon (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Tony Li (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... David Schwartz (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Alan Hannan (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... David Schwartz (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Brett L. Hawn (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Alan Hannan (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Brett L. Hawn (Dec 20)
- Re: NAP/ISP Saturation WAS: Re: Exchanges that matter... Jon Zeeff (Dec 21)