nanog mailing list archives
Re[4]: SYN floods (was: does history repeat itself?)
From: pcalhoun () usr com (Pat Calhoun)
Date: Tue, 10 Sep 1996 13:21:45 -0500
Alexis,

However if you are filtering on your outbound router to the net, there is still the possibility that a malicious user could spoof addresses as long as they belong to your address space. By moving the filter out to the edge (when you have the equipment) this eliminates that problem as well.

Pat R. Calhoun
e-mail: pcalhoun () usr com
Project Engineer - Lan Access R&D
phone: (847) 933-5181
US Robotics Access Corp.

______________________________ Reply Separator _________________________________
Subject: Re: Re[2]: SYN floods (was: does history repeat itself?)
Author: Alexis Rosen <alexis () panix com> at Internet
Date: 9/10/96 2:07 PM

Alec H. Peterson writes:
> Pat Calhoun writes:
>> This is actually quite simple to implement on Dial Access Routers, and obviously this is the best place to add the filtering.
>
> Sure, that's a place to start. Except for a few problems:
>
> 1) The people doing this are not necessarily using a dialup IP connection.

True. That's why you need to filter upstream of public-access unix boxes (like our own).

> 2) Many of us don't have dial access routers that can handle this.

Also true. As I said before, I don't know about the Ascends, but I do know that the Xylogics boxes we use have the capability but probably not the capacity. When all ports are connected at 28.8, CPU usage can hover in the high 80% range. Adding filters would probably be a bad idea. That's why I was talking about filtering at a router just upstream from the dial-access box.

FWIW, even with a thousand very busy modems, I'm pretty sure that even a small cisco is up to the job. They just don't generate all that much traffic.

/a

- - - - - - - - - - - - - - - - -
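
Added example, not part of the original message or of any poster's configuration: a small Python model of the two filter placements discussed above, showing which claimed source addresses each one passes. The address ranges, port names and packets are constructed for illustration (documentation prefixes), and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data: a provider aggregate and per-port address assignments.
PROVIDER_SPACE = ipaddress.ip_network("198.51.100.0/24")
PORT_ASSIGNMENTS = {
    "dialup-1": ipaddress.ip_network("198.51.100.10/32"),
    "dialup-2": ipaddress.ip_network("198.51.100.11/32"),
    "shell-lan": ipaddress.ip_network("198.51.100.64/28"),  # public-access unix boxes
}

def border_filter(src):
    """Outbound-router filter: permit any source inside the provider's own space."""
    return ipaddress.ip_address(src) in PROVIDER_SPACE

def edge_filter(port, src):
    """Edge filter: permit only sources assigned to the port the packet arrived on."""
    assigned = PORT_ASSIGNMENTS.get(port)
    return assigned is not None and ipaddress.ip_address(src) in assigned

def evaluate(packets):
    """Return (port, src, passes_border, passes_edge) for each packet."""
    return [(p, s, border_filter(s), edge_filter(p, s)) for p, s in packets]

# Constructed packets: (arrival port, claimed source address)
SAMPLE_PACKETS = [
    ("dialup-1", "198.51.100.10"),   # honest source
    ("dialup-1", "203.0.113.7"),     # source outside the provider's space
    ("dialup-1", "198.51.100.11"),   # another customer's address, same provider space
    ("shell-lan", "198.51.100.70"),  # honest host on the shell-server LAN
    ("shell-lan", "198.51.100.10"),  # shell host claiming a dialup address
]

if __name__ == "__main__":
    for port, src, border_ok, edge_ok in evaluate(SAMPLE_PACKETS):
        print(f"{port:10} {src:15} "
              f"border={'permit' if border_ok else 'drop':6} "
              f"edge={'permit' if edge_ok else 'drop'}")
```

The border filter drops only the source outside the aggregate; the two packets that claim someone else's address inside the provider's own space pass it and are dropped only by the per-port check.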