nanog mailing list archives
Re: New Denial of Service Attack on Panix
From: Rob Skrobola <rjs () ans net>
Date: Tue, 17 Sep 1996 11:55:48 -0400
>From: Avi Freedman <freedman () netaxs com> >Subject: Re: New Denial of Service Attack on Panix >Sigh. My feeling is that host-based solutions should be discussed >on inet-access, but mentioned briefly also on nanog so that providers >can note them to give pointers to their customers. > >And there probably is too much SYN-related traffic on nanog anyway. >The plea has been made: You should - or you should encourage your >customers to - filter garbage inbound to you from them or outbound from >them to you. You should come up with a plan to nail the source of >SYN attacks quickly if the trail leads to your network as the source. Short term, this discussion seems appropriate for nanog. On topic: Most of the discussion has been about stopping these general kinds of attacks from dial-up providers, ISP's. I've not heard much about what seems to be the other major source of potential problems, namely universities and schools.. They seem to provide a somewhat more involved challenge in the effort to source filter outbound packets. It's hard to imagine an NSP that is serving a regional attempting to put packet filters on a 7xxx servicing a fully loaded ds3 or two that is connected to a regional, much less the management nightmare that upkeeping that filter would be. So it has to happen closer to the source. It would be interesting to hear an opinion from some networking folks at the regionals or at campuses about whether this kind of filtering can or will be done... RobS Disclaimer - This is *not* an attempt to slam anybody, just to discuss.. - - - - - - - - - - - - - - - - -
Current thread:
- RE: New Denial of Service Attack on Panix, (continued)
- RE: New Denial of Service Attack on Panix Jim Browning (Sep 16)
- Re: New Denial of Service Attack on Panix Paul A Vixie (Sep 16)
- RE: New Denial of Service Attack on Panix David Miller (Sep 17)
- Message not available
- Re: New Denial of Service Attack on Panix Sharif Torpis (Sep 17)
- RE: New Denial of Service Attack on Panix Jim Browning (Sep 16)
- RE: New Denial of Service Attack on Panix Jim Browning (Sep 16)
- Re: New Denial of Service Attack on Panix Alan Hannan (Sep 16)
- Re: New Denial of Service Attack on Panix Michael Dillon (Sep 16)
- Re: New Denial of Service Attack on Panix Perry E. Metzger (Sep 17)
- Re: New Denial of Service Attack on Panix David Miller (Sep 17)
- Re: New Denial of Service Attack on Panix Avi Freedman (Sep 17)
- Re: New Denial of Service Attack on Panix Rob Skrobola (Sep 17)
- Re: New Denial of Service Attack on Panix jefF rizzO (Sep 17)
- Re: New Denial of Service Attack on Panix Perry E. Metzger (Sep 17)
- Re: New Denial of Service Attack on Panix Alan Hannan (Sep 16)
- SYN floods Michael Dillon (Sep 17)
- Re: New Denial of Service Attack on Panix Perry E. Metzger (Sep 17)
- Re: New Denial of Service Attack on Panix Joel Gallun (Sep 17)
- Re: New Denial of Service Attack on Panix Avi Freedman (Sep 17)
- Re: New Denial of Service Attack on Panix George Herbert (Sep 17)