nanog mailing list archives
Re: Proactive steps to prevent DDOS?
From: Jerry Scharf <scharf () vix com>
Date: Sun, 28 Jan 2001 19:12:40 -0800
Sean, The first step is effective emergency response. I have seen hours pass as secret handshakes and people on the "right list" were located and made the right calls. People start their generators on a planned basis to make sure they work. How many people practice DDOS attack recovery? It's something you can actually do today that will help the most in a real attack. This is a malicious attack designed to cause failure, so I think that any measures of the style discussed will only save you from the small attacks. Not that avoiding some attacks isn't good, it's just not much help in the general case. I think the issue of malice makes it very hard to plan for like storm water or freeway traffic. I have no proof to say that large sites fare better than small ones. They can handle more, but attract much more serious attacks with much more glory for the perpetrators. Many people are pinning their hopes on traffic flow tagging as the way to manage/solve this in the long term. No one knows yet when it can be deployed in a large enough scale to work and what it will take then to handle it. I'm hoping you realize the spectacular failure mode of your DNS propose. You DOS the DNS in-addr servers and the whole site goes away. That should take a lot less traffic than swamping the pipes. DNS has enouh problems digesting all the things it's trying to do now (DNSSEC, v6, large packets...), no need to make it worse. jerry
Current thread:
- Re: Proactive steps to prevent DDOS?, (continued)
- Re: Proactive steps to prevent DDOS? David Harmelin (Feb 24)
- Re: Proactive steps to prevent DDOS? Adam Rothschild (Feb 24)
- Re: Proactive steps to prevent DDOS? Adrian Chadd (Feb 24)
- Re: Proactive steps to prevent DDOS? Sean Donelan (Feb 24)
- Re: Proactive steps to prevent DDOS? Valdis . Kletnieks (Feb 24)
- RE: Proactive steps to prevent DDOS? Chin Wey Jake (Feb 24)
- Re: Proactive steps to prevent DDOS? Valdis . Kletnieks (Feb 24)
- Re: Proactive steps to prevent DDOS? Richard A. Steenbergen (Feb 24)
- Re: FW: Proactive steps to prevent DDOS? Jeffrey Meltzer (Feb 24)
- Re: Proactive steps to prevent DDOS? Jason Legate (Feb 24)
- Re: Proactive steps to prevent DDOS? Sean Donelan (Feb 24)
- Re: Proactive steps to prevent DDOS? Jerry Scharf (Feb 24)
- Re: Proactive steps to prevent DDOS? Howard C. Berkowitz (Feb 24)
- Re: Proactive steps to prevent DDOS? Sean Donelan (Feb 24)
- Re: Proactive steps to prevent DDOS? Sean Capshaw (Feb 24)
- Re: Proactive steps to prevent DDOS? Valdis . Kletnieks (Feb 24)
- Re: Proactive steps to prevent DDOS? John Payne (Feb 24)
- Re: Proactive steps to prevent DDOS? Valdis . Kletnieks (Feb 24)
- Re: Proactive steps to prevent DDOS? Steven M. Bellovin (Feb 24)
- Re: Proactive steps to prevent DDOS? Richard A. Steenbergen (Feb 24)