nanog mailing list archives
Re: New Denial of Service Attack on Panix
From: Paul Ferguson <pferguso () cisco com>
Date: Thu, 03 Oct 1996 14:21:04 -0400
I agree completely, but neither one is a panacea. - paul At 08:40 AM 10/3/96 -0400, Dima Volodin wrote:
And if everyone doesn't make any attacks we won't have any problems either. To rephrase - relying on ingress filtering is putting your security in someone other's hands, doing host-based stuff is protecting yourself with your own hands. To rephrase once again - doing ingress filtering is "being conservative with what you produce", being able to cope with SYN floods on the host level is "being liberal on what you accept." We need both, and overemphasising one side of the solution will do a lot of harm. Dima
- - - - - - - - - - - - - - - - -
Current thread:
- Re: New Denial of Service Attack on Panix, (continued)
- Re: New Denial of Service Attack on Panix Dima Volodin (Oct 03)
- SUN: Re: New Denial of Service Attack on Panix Allan Chong (Oct 03)
- Re: New Denial of Service Attack on Panix Perry E. Metzger (Oct 03)
- Re: TCP SYN attacks Ran Atkinson (Oct 03)
- Re: TCP SYN attacks Zach (Oct 03)
- Re: TCP SYN attacks Avi Freedman (Oct 03)
- Re: New Denial of Service Attack on Panix Dima Volodin (Oct 02)
- Re: New Denial of Service Attack on Panix Dima Volodin (Oct 03)
- Re: New Denial of Service Attack on Panix Dima Volodin (Oct 03)
- Re: New Denial of Service Attack on Panix Avi Freedman (Oct 03)
- Re: New Denial of Service Attack on Panix Tim Bass (Oct 03)
- Re: New Denial of Service Attack on Panix Avi Freedman (Oct 03)
- Re: New Denial of Service Attack on Panix Daniel W. McRobb (Oct 03)