nanog mailing list archives
Re: Re[4]: SYN floods (was: does history repeat itself?)
From: "Perry E. Metzger" <perry () piermont com>
Date: Tue, 10 Sep 1996 14:57:14 -0400
Pat Calhoun writes:
However if you are filtering on your outbound router to the net, there is still the possbility that a malicious user could spoof addresses as long as they belong to your address space. By moving the filter out to the edge (when you have the equipment) this eliminates that problem as well.
I think thats less of a problem -- spoofing addresses inside the network narrows down your origin enough that you are very likely to be caught or shut down quickly. It might have an advantage in stopping ankle-biter attacks against your own equipment by your users, though. I think that agressively sanity-filtering the net at all junctions is probably a good idea in general, though. Would that we had the CPU power... (Whats needed, I think, is a cheap box that just does filtering. If it did it in hardware, it could be very fast (needed for high speed lines) and possibly even cheap. Perry - - - - - - - - - - - - - - - - -
Current thread:
- Re: Re[2]: SYN floods (was: does history repeat itself?), (continued)
- Re: Re[2]: SYN floods (was: does history repeat itself?) Curtis Villamizar (Sep 12)
- Re: Re[2]: SYN floods (was: does history repeat itself?) John G. Scudder (Sep 12)
- Re: Re[2]: SYN floods (was: does history repeat itself?) Joel Gallun (Sep 12)
- Re: Re[2]: SYN floods (was: does history repeat itself?) Michael Dillon (Sep 12)
- Re: Re[2]: SYN floods (was: does history repeat itself?) Alex.Bligh (Sep 12)
- Re: Re[2]: SYN floods (was: does history repeat itself?) Neil J. McRae (Sep 13)
- Re: Re[2]: SYN floods (was: does history repeat itself?) John G. Scudder (Sep 12)
- Re: Re[2]: SYN floods (was: does history repeat itself?) Curtis Villamizar (Sep 12)
- Re: Re[4]: SYN floods (was: does history repeat itself?) Perry E. Metzger (Sep 10)
- Re: Re[4]: SYN floods (was: does history repeat itself?) Alec H. Peterson (Sep 10)
- Re: Re[4]: SYN floods (was: does history repeat itself?) Perry E. Metzger (Sep 10)
- Re: Re[4]: SYN floods (was: does history repeat itself?) Alexis Rosen (Sep 10)
- Re: Re[4]: SYN floods (was: does history repeat itself?) Curtis Villamizar (Sep 12)
- Re: Re[2]: SYN floods (was: does history repeat itself?) Alexis Rosen (Sep 10)
- Re: Re[2]: SYN floods (was: does history repeat itself?) Paul Frommeyer (Sep 10)
- Re: Re[2]: SYN floods (was: does history repeat itself?) Dick St.Peters (Sep 11)