nanog mailing list archives
Re: NANOG meeting subject of attack? Hmmmm....
From: robert () UU NET
Date: Wed, 09 Feb 2000 22:35:52 -0500
As Charles says, from what I've read of the CERT advisories, there is nothing proactive one can really do for these DDos attacks, besides securing machines from being hacked, correct?
A site can use anti-spoofing filters on their router/firewall (even if the ISP can't or won't do it on their end) to make sure that their machines don't forge source addresses. This might stop any of their machines which have been compromised from really doing participating in the attack. (I say "might" because the slave daemons don't have to forge addresses.) Other misc. ideas are in: http://www.cert.org/reports/dsit_workshop.pdf (BTW, a "advisory" version of unicast RPF-type stuff would be immensely helpful in deploying URPF, "source validation," ingress filtering, or whatever you want to call it.)
Current thread:
- Re: NANOG meeting subject of attack? Hmmmm...., (continued)
- Re: NANOG meeting subject of attack? Hmmmm.... Joe Shaw (Feb 09)
- Re: NANOG meeting subject of attack? Hmmmm.... Travis Pugh (Feb 09)
- Re: NANOG meeting subject of attack? Hmmmm.... Dan Hollis (Feb 09)
- Re: NANOG meeting subject of attack? Hmmmm.... Joe Shaw (Feb 09)
- Re: NANOG meeting subject of attack? Hmmmm.... Wayne Bouchard (Feb 09)
- Message not available
- Re: NANOG meeting subject of attack? Hmmmm.... Hank Nussbacher (Feb 10)
- Re: NANOG meeting subject of attack? Hmmmm.... Wayne Bouchard (Feb 09)
- Re: NANOG meeting subject of attack? Hmmmm.... Mike Bird (Feb 09)
- Re: NANOG meeting subject of attack? Hmmmm.... Randy Bush (Feb 09)
- Re: NANOG meeting subject of attack? Hmmmm.... robert (Feb 09)