nanog mailing list archives

Re: SYN flood messages flooding my mailbox

From: Vadim Antonov <avg () quake net>
Date: Tue, 24 Sep 1996 01:03:25 -0700

Basing this on the AdjRibIn is a more work than just reversing the
sense of the Fib but it does cover quite a few more cases.  Though not
all of them.


No, not of course; but more than enough to be practical.  A _lot_ more
practical than manually (or semi-automatically) maintained access lists
which do not provide any "visible" benefit.

The transit providers still need to be able to trace attacks after the
fact since there is no filter that covers these cases...


Absolutely.  When other things do not help :)

and filters at
the fringes will be spotty deplomyments.


That's why i want reverse-route verification to be _default_ behaviour
of routers.  A person who knows how to use asymmetric routing would
know how to turn the feature off.  A person who is clueless or simply
doesn't care will leave default as is.

--vadim
- - - - - - - - - - - - - - - - -

Current thread:

Re: SYN flood messages flooding my mailbox, (continued)
- Re: SYN flood messages flooding my mailbox Paul Ferguson (Sep 18)
  - Re: SYN flood messages flooding my mailbox Curtis Villamizar (Sep 18)
- Re: SYN flood messages flooding my mailbox Paul Ferguson (Sep 18)
- Re: SYN flood messages flooding my mailbox Vadim Antonov (Sep 19)
  - Re: SYN flood messages flooding my mailbox Curtis Villamizar (Sep 23)
- Re: SYN flood messages flooding my mailbox Vadim Antonov (Sep 23)
  - Re: SYN flood messages flooding my mailbox Curtis Villamizar (Sep 23)
- Re: SYN flood messages flooding my mailbox rwoundy (Sep 23)
  - Re: SYN flood messages flooding my mailbox Avi Freedman (Sep 23)
- Re: SYN flood messages flooding my mailbox Vadim Antonov (Sep 23)
- Re: SYN flood messages flooding my mailbox Vadim Antonov (Sep 24)
  - Re: SYN flood messages flooding my mailbox Curtis Villamizar (Sep 24)
- Re: SYN flood messages flooding my mailbox Vadim Antonov (Sep 24)