nanog mailing list archives
Re: DDOS prevention offensive.
From: Jason Slagle <raistlin () tacorp net>
Date: Thu, 12 Jul 2001 13:19:26 -0400 (EDT)
On Thu, 12 Jul 2001, Bill Larson wrote:
Well to sum it up in one sentence. If you eliminate the bogus addresses, you can then target the actual zombie machines used to attack the site and eventually eliminate the risk via patching or null route them. So filtering bogus addresses, non-routable addresses, and the addresses, which do not belong to your net blocks, would serve to combat the denial of service attacks.
I believe the attacks in question are actually non-spoofed. It's getting the source networks to remove the boxes that is the problem. Most of them are .edu. -- Jason Slagle - CCNP - CCDP Network Administrator - Toledo Internet Access - Toledo Ohio - raistlin () tacorp net - jslagle () toledolink com - WHOIS JS10172 /"\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . \ / ASCII Ribbon Campaign . Interim Team Lead - . Admin - X - NO HTML/RTF in e-mail . Coders . wombat.dal.net / \ - NO Word docs in e-mail . Team Lead - Exploits . DALnet IRC Network
Current thread:
- DDOS prevention offensive. Joseph T. Klein (Jul 12)
- Re: DDOS prevention offensive. Rob Thomas (Jul 12)
- Re: DDOS prevention offensive. Bill Larson (Jul 12)
- Re: DDOS prevention offensive. Jason Slagle (Jul 12)
- Re: DDOS prevention offensive. Christopher L. Morrow (Jul 12)
- Re: DDOS prevention offensive. Bill Larson (Jul 12)
- Re: DDOS prevention offensive. Bill Larson (Jul 12)
- <Possible follow-ups>
- RE: DDOS prevention offensive. Roeland Meyer (Jul 12)
- Re: DDOS prevention offensive. John McNeal (Jul 12)
- Re: DDOS prevention offensive. Rob Thomas (Jul 12)